urlscan.io logo urlscan.io
SecurityTrails logo

courses.null-char.com Open in urlscan Pro
2606:4700:4400::6812:239f  Public Scan

Go To Rescan Add Verdict Report
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Submission: On February 06 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2606:4700:4400::6812:239f, located in United States and belongs to CLOUDFLARENET, US. The main domain is courses.null-char.com.
TLS certificate: Issued by E1 on January 11th 2024. Valid for: 3 months.
This is the only time courses.null-char.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2606:4700:4400::6812:239f (United States)

ASN13335 (CLOUDFLARENET, US)
courses.null-char.com
cdn.thinkific.com
import.cdn.thinkific.com
2    2600:9000:2394:2000:1e:d21e:3d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.thinkific.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2447:6800:c:8a20:d7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.paritydeals.com
1    2606:4700:4400::ac40:9861 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-themes.thinkific.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.38.122.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-122-114.us-west-2.compute.amazonaws.com
api.paritydeals.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
12 thinkific.com
assets.thinkific.com — Cisco Umbrella Rank: 68844
cdn.thinkific.com — Cisco Umbrella Rank: 54370
import.cdn.thinkific.com — Cisco Umbrella Rank: 62954
cdn-themes.thinkific.com — Cisco Umbrella Rank: 73351
202 KB
5 null-char.com
courses.null-char.com
45 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
266 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
syndication.twitter.com — Cisco Umbrella Rank: 1527
131 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
apis.google.com — Cisco Umbrella Rank: 106
78 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
2 paritydeals.com
cdn.paritydeals.com — Cisco Umbrella Rank: 999260
api.paritydeals.com — Cisco Umbrella Rank: 590315
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
82 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
921 B
34 11
Domain Requested by
6 cdn.thinkific.com courses.null-char.com
cdn.thinkific.com
5 courses.null-char.com 1 redirects courses.null-char.com
3 import.cdn.thinkific.com 1 redirects courses.null-char.com
3 fonts.gstatic.com fonts.googleapis.com
2 apis.google.com courses.null-char.com
apis.google.com
2 platform.twitter.com courses.null-char.com
platform.twitter.com
2 connect.facebook.net courses.null-char.com
connect.facebook.net
2 cdnjs.cloudflare.com courses.null-char.com
cdnjs.cloudflare.com
2 assets.thinkific.com courses.null-char.com
1 syndication.twitter.com platform.twitter.com
1 api.paritydeals.com cdn.paritydeals.com
1 www.facebook.com connect.facebook.net
1 cdn-themes.thinkific.com courses.null-char.com
1 cdn.paritydeals.com courses.null-char.com
1 www.gstatic.com www.google.com
1 www.google-analytics.com courses.null-char.com
1 fonts.googleapis.com courses.null-char.com
1 www.google.com courses.null-char.com
34 18

This site contains links to these domains. Also see Links.

Domain
www.paritydeals.com
Subject Issuer Validity Valid
courses.null-char.com
E1		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.thinkific.com
Amazon RSA 2048 M01		 2023-08-16 -
2024-09-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn.paritydeals.com
Amazon RSA 2048 M03		 2023-09-23 -
2024-10-22		 a year crt.sh
thinkific.com
Cloudflare Inc ECC CA-3		 2023-08-22 -
2024-08-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-15 -
2024-02-13		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
paritydeals.com
Amazon RSA 2048 M01		 2023-09-23 -
2024-10-22		 a year crt.sh
syndication.twitter.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://courses.null-char.com/courses/the-art-of-malware-analysis
Frame ID: 5525F8CBBBA8263D7D159D86F2341863
Requests: 30 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcourses.null-char.com
Frame ID: D0C1A46828FB8A6A4CC1A8C3F8B7280E
Requests: 2 HTTP requests in this frame

Frame: https://courses.null-char.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: F1273BC264DCAC89590486A70E8B1D3B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Art of Malware Analysis

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

94 %
HTTPS

81 %
IPv6

11
Domains

18
Subdomains

16
IPs

2
Countries

917 kB
Transfer

2410 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://import.cdn.thinkific.com/627020/fIPhvhr1TCiKgFwYqz32_53417-PP.jpg?width=250 HTTP 301
  • https://import.cdn.thinkific.com/cdn-cgi/image/width=250,onerror=redirect/627020/fIPhvhr1TCiKgFwYqz32_53417-PP.jpg
Request Chain 30
  • https://courses.null-char.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://courses.null-char.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request the-art-of-malware-analysis
courses.null-char.com/courses/ 		359 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffd359cd146f521daa58055cb736d5b62d61358e88766b35b8be02827f8cd56e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8513880e3e371c0f-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Feb 2024 12:52:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
76320130b99856c50a60b2a6b21c5a8a
x-runtime
0.075695
x-xss-protection
1; mode=block
custom_site_theme_required-56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e.css
assets.thinkific.com/assets/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.thinkific.com/assets/custom_site_theme_required-56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e.css
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:2000:1e:d21e:3d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:19:02 GMT
content-encoding
gzip
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 18:14:46 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
5942018
etag
W/"705ea6d82c05fee0e289e28120158c10"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
L0SqGUxwfAhSqXDcap2bfxe-OyV9qJdnOkGYLF8lhY2TkQRarPZObg==
toga-icons.css
cdn.thinkific.com/assets/toga-css/0.83.3/fonts/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkific.com/assets/toga-css/0.83.3/fonts/toga-icons.css
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a277f167248ccbbf09751d63867b3f258aa24629cec669071319124906fe320e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
gUqNZfnmdYFqvLzIWdxv3kZXFmyFkA.B
age
5903072
x-amz-request-id
R6N61F4FNARGQ9MF
x-amz-server-side-encryption
AES256
x-amz-id-2
vkTEq585RznpKe798tketZceAvMgHGwLqGqYuRymN8FRbtfXMzotaSkoim3/RLO8gZsE6Bqaa6o=
last-modified
Wed, 11 Oct 2023 23:38:11 GMT
server
cloudflare
etag
W/"17e65401ae2de9f50ccd74113f50c476"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
85138810dc584d26-FRA
expires
Wed, 05 Feb 2025 12:52:39 GMT
toga-product-icons.css
cdn.thinkific.com/assets/toga-css/0.83.3/fonts/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkific.com/assets/toga-css/0.83.3/fonts/toga-product-icons.css
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d71f71f397da987bce397bff97f4b892d04fef24b2e307419f55b3f6859cbee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
ReukRg47.tYqOwa8u0mEr5rzFHPS8A.7
age
5989210
x-amz-request-id
TDCBQ1RV3E7F2FMK
x-amz-server-side-encryption
AES256
x-amz-id-2
9vwVXdjuT6wWc195MtCZSZOTQVQigasu/CkQTGjDUcwVsFcCo3QMB6VjEkx3BlsFPgaWL3i4DmA=
last-modified
Wed, 11 Oct 2023 23:38:11 GMT
server
cloudflare
etag
W/"64588782dc5242aeacd3e433561a2e09"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
85138810dc5e4d26-FRA
expires
Wed, 05 Feb 2025 12:52:39 GMT
jquery.min.js
cdn.thinkific.com/assets/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkific.com/assets/jquery/3.5.1/jquery.min.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
1_SOw_y2MKVtb9mvv308O6oupV_Wlyrm
age
7541834
x-amz-request-id
4GEP1GJ61C0P6FS1
x-amz-server-side-encryption
AES256
x-amz-id-2
FoGtZJ20z9WDpmvO5qtXBgs6tDLaBfvYO3fS7UrxJTpqegamLO5z4xTvoL6TITSynt3ITQ4oaEs=
last-modified
Thu, 29 Jun 2023 23:44:27 GMT
server
cloudflare
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
85138810dc624d26-FRA
expires
Wed, 05 Feb 2025 12:52:39 GMT
jquery-migrate.js
cdn.thinkific.com/assets/jquery-migrate/3.3.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkific.com/assets/jquery-migrate/3.3.1/jquery-migrate.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946b94a8950f5c910c8105ff45168cea66642baa27a398b96c7b81304e2a382a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
veqSxlmDajzVKe.Mhyj8CZkp51T9lbUy
age
7544501
x-amz-request-id
DPM9WR22KTFGTNY9
x-amz-server-side-encryption
AES256
x-amz-id-2
EnOhPKOruWn7L13dXbYiGngFrrwI4py+ZH10pklivICE0BkhYiVnTc1m2lVw9v4v8gGEskJcooc=
last-modified
Thu, 29 Jun 2023 23:44:26 GMT
server
cloudflare
etag
W/"a2567f79a66b943e14eea52ff1027af0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
85138810dc614d26-FRA
expires
Wed, 05 Feb 2025 12:52:39 GMT
rails.min.js
cdn.thinkific.com/assets/jquery-ujs/1.2.2/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkific.com/assets/jquery-ujs/1.2.2/rails.min.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
2g4Ry.xmmjflzbgMZWBFMo4xyUnmr5gc
age
5898528
x-amz-request-id
FV8TX3PGVJ3F7FQS
x-amz-server-side-encryption
AES256
x-amz-id-2
wV/OW8aqd4QuU7ptp5JDB+Ms410toAR6lOkZO6+qtzMC0R/AW+5CiEO3Jo7Ldqfyj1L3zvjOSeY=
last-modified
Thu, 29 Jun 2023 23:44:27 GMT
server
cloudflare
etag
W/"d612716f523552c340705dcbb89fdd5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
85138810dc644d26-FRA
expires
Wed, 05 Feb 2025 12:52:39 GMT
application-themes-v2-7cd938d2d1be290f681fd97f478f449f3d64a087ca6404436ff3396d7bef07ec.js
assets.thinkific.com/assets/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.thinkific.com/assets/application-themes-v2-7cd938d2d1be290f681fd97f478f449f3d64a087ca6404436ff3396d7bef07ec.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:2000:1e:d21e:3d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2235cb7f020758bdc9d09704eb9da1a8d27969737d82798f804417f5e08cb6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:19:02 GMT
content-encoding
gzip
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 18:13:00 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
5942018
etag
W/"19ac3d7688a2affa9bbb52d50c6dc484"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
h5YRbQNbL2UnKa3ohEl32X54NK4CVBdv6iWT6mp3nde6oWtKoz_E0g==
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15dd40f19386303a8f905168185e422e41815f8fa2d655d860a0a676e173b460
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 06 Feb 2024 12:52:39 GMT
css
fonts.googleapis.com/ 		4 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400i,500,600,700,800,900&display=swap
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c52781b09739518548c3162e58fd880338d8f359bbdae0d78dcbfd6f6bc622d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Feb 2024 12:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 12:52:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Feb 2024 12:52:39 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2741238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bu4Uc9nOlYLqj1T6ap2UTrHwnm0IX09kfIu4FtX%2FlcNXFPbQyGSINSuZ4cnP7%2F6zoDggumzxfZ9aixe6Qi5rZkOSkn7io2U0pP%2Bmk0eCkmaLAU5hk%2FlYaPhARpwLpAT%2B9o2W7n%2FiI8uiXKcJWWFb0T25"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85138810d927bbaf-FRA
expires
Sun, 26 Jan 2025 12:52:39 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 11:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3870
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Feb 2024 13:48:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 		491 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://courses.null-char.com/
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 14:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200286
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 03:01:23 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 14:10:23 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400i,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 22:07:30 GMT
x-content-type-options
nosniff
age
53109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 22:07:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400i,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:48:23 GMT
x-content-type-options
nosniff
age
583456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:48:23 GMT
toga-icons.woff2
cdn.thinkific.com/assets/toga-css/0.83.3/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkific.com/assets/toga-css/0.83.3/fonts/toga-icons.woff2?868a651e2bef4d0ff689085fd1480378
Requested by
Host: cdn.thinkific.com
URL: https://cdn.thinkific.com/assets/toga-css/0.83.3/fonts/toga-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5687b3c46cca581e59b25811fdadf0b26fbec7fbc912cdeef739fcaac3006c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://cdn.thinkific.com/assets/toga-css/0.83.3/fonts/toga-icons.css
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
x-amz-version-id
UHUjbst4_eH9BNPZyVdNyPdOenOTgu1K
x-amz-request-id
GZJNP4S5YXWBW1PZ
x-amz-server-side-encryption
AES256
content-length
14472
x-amz-id-2
18vAYhH9pwZdOjVf8DLf2FoN8LguFNwSmTtMdLEKYcT4SMIwWTCZBhfoZBCSpng26ODLXTKHd28=
last-modified
Wed, 11 Oct 2023 23:38:11 GMT
server
cloudflare
etag
"1cc236bc2b1baa78683de1bf22baa87c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-max-age
3000
accept-ranges
bytes
cf-ray
851388132faebb49-FRA
expires
Wed, 05 Feb 2025 12:52:39 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,200,300,400,400i,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 15:22:57 GMT
x-content-type-options
nosniff
age
250182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Feb 2025 15:22:57 GMT
sfkgMPzT06UCfARFvbeQ_Art%20of%20Malware%20Analysis.png
import.cdn.thinkific.com/627020/courses/1774002/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://import.cdn.thinkific.com/627020/courses/1774002/sfkgMPzT06UCfARFvbeQ_Art%20of%20Malware%20Analysis.png
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cbc82cd95eb7b89f9fe133eca78ec77e18232e124fa7d32bec49fd90488bb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
MISS
x-amz-request-id
GZJX27B5TAXJQ8SQ
x-amz-server-side-encryption
AES256
content-length
97997
x-amz-id-2
Y6IopK0ZvqZg0B2q+o+xupCIJPat2j8dy/uFHbv7VSTRTNcbnaaT4+d/Qd3fYK7eNLdGMm3hX4s=
last-modified
Tue, 08 Mar 2022 09:25:17 GMT
server
cloudflare
etag
"d8b51d7d465c9806ad5a8ae6ad26f2da"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
851388132f004d26-FRA
expires
Tue, 06 Feb 2024 16:52:40 GMT
email-decode.min.js
courses.null-char.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://courses.null-char.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/courses/the-art-of-malware-analysis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 18:47:37 GMT
server
cloudflare
content-encoding
gzip
etag
W/"65b94449-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
851388131b431c0f-FRA
expires
Thu, 08 Feb 2024 12:52:39 GMT
banner.js
cdn.paritydeals.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.paritydeals.com/banner.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2447:6800:c:8a20:d7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7c941655fefca57e20cdf072aa52e1549b5d0f2cca80c57b6037b04b676994d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 11:02:35 GMT
content-encoding
gzip
via
1.1 a1794152acd53f12f14f902d8899b420.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 10:25:56 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
13123
x-amz-server-side-encryption
AES256
etag
W/"5670494057ba21c69c16ce0edbfcda9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
K_PEmyco9nrFY-8r2UNE0mWsnz60_ec-v2_emZHoIgbuo9-S_Fikdg==
script.min-1682562865.js
cdn-themes.thinkific.com/627020/378719/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-themes.thinkific.com/627020/378719/script.min-1682562865.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29457974d173aa836f7dcd7d9d277b22c7ace6fe067b2b71a9e9eab8b96dbbd9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 27 Apr 2023 02:34:27 GMT
server
cloudflare
x-amz-request-id
GZJTXRRSKAQJF1WX
etag
W/"6f0307c2ca2acfa69a3e02a838cb7522"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
85138813480e9119-FRA
x-amz-id-2
srQ6r7MbNNYiwDaI+Y813aAD3UCe0Nkf2Joxl/TWiyny52UWzBlilb8JjeO+D3VYVd8beiNF3Qo=
expires
Tue, 06 Feb 2024 16:52:40 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4722774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvJ4kKARdDYcArJpe7XJPPKYor%2Fl2z0kEdnqdYGfw8zB4vd5TPli1P%2FP28On9TCMiAsC5ZgZ0N7izk8VTxto6zpGBq2LCip3iouGJ625O%2FVcFOOFKJ0e5KPXvpk%2BbDEFBchViuZ3dwgjecmNo3jOfWmc"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
851388134bc86943-FRA
expires
Sun, 26 Jan 2025 12:52:39 GMT
fIPhvhr1TCiKgFwYqz32_53417-PP.jpg
import.cdn.thinkific.com/cdn-cgi/image/width=250,onerror=redirect/627020/
Redirect Chain
  • https://import.cdn.thinkific.com/627020/fIPhvhr1TCiKgFwYqz32_53417-PP.jpg?width=250
  • https://import.cdn.thinkific.com/cdn-cgi/image/width=250,onerror=redirect/627020/fIPhvhr1TCiKgFwYqz32_53417-PP.jpg
12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://import.cdn.thinkific.com/cdn-cgi/image/width=250,onerror=redirect/627020/fIPhvhr1TCiKgFwYqz32_53417-PP.jpg
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56344e3905a13a9f4849ded4f8e8e0c0db5aa7adc9c94fccc10c316913bbc103
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
12782
cf-resized
internal=ok/m q=0 n=67+0 c=4+28 v=2024.1.3 l=12782
last-modified
Thu, 27 Apr 2023 07:06:51 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfKN4ojLCzQkgCXykdR_Q0-VxRTaTkgW0Ogf2O2QVTDQ:3228bf1cc5026599ce3239e0150de9d2"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
851388160a444d26-FRA
priority
u=1;i=?0,cf-chb=(260;u=3;i=?0 1575;u=5;i=?0 5682;u=6;i=?0)

Redirect headers

location
https://import.cdn.thinkific.com/cdn-cgi/image/width=250,onerror=redirect/627020/fIPhvhr1TCiKgFwYqz32_53417-PP.jpg
date
Tue, 06 Feb 2024 12:52:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
cloudflare
cf-ray
851388132f024d26-FRA
content-length
0
vary
Accept-Encoding
all.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
acef5e7cab1b869eb2f0b9434c91410a1571b536c9fe798946b70708d9eda6c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 12:52:39 GMT
content-md5
DPCrXITn2ZUrGkmKSt6ohg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
Zdc9P6+sZ0D4GrRzmOaR7Z3l1F/BJmhIt6PbEFIrfHrGaH9RBJHULwd+HVAYpnMeWoB3K+YFKAZ98NXGMwWaYg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
678c50e6290fbf93b8c0dfc0d14df5fc
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6de2f8cc30a0b0c2fe7168815444bb1c"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:01:36 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:39 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kjyo7100044-IAD, cache-muc13948-MUC
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
plusone.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c8aa2a3f11c98a965938267f743e26504d3127d68cc425821c8a8a1f523a670
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 12:52:39 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"da0cdea429f205a7"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 12:52:39 GMT
all.js
connect.facebook.net/en_US/ 		299 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=f472882ff8f28281a2f0ee358750cc60
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4eb0582978bb037bd05209b999e2ea051bca32e30e112f62fe987d5e356ae38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://courses.null-char.com/
Origin
https://courses.null-char.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 12:52:39 GMT
content-md5
YP+e0upfBtVjRnio/v2ESg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86451
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
BDrBllL/n8lM0ML6AUw59QWetep3bgKuWnsv9iAvGpm7vqgt0Nh42EARRzA9qbBFs3TWH2gBYRPXX12PEA+J9A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
3fbcd700624b02e3d50c5ae73fb1d619
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e4d3079e8f6b5b9e177b89989e36923b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 05 Feb 2025 11:28:17 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ 		158 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266d386b294c2a628ca6c650a288b58c6ee6e652a1ee32de8bfcb38020f6439a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
584336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55902
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 18:33:43 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=284275161658450&input_token&origin=1&redirect_uri=https%3A%2F%2Fcourses.null-char.com%2Fcourses%2Fthe-art-of-malware-analysis&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=f472882ff8f28281a2f0ee358750cc60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=()
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Feb 2024 12:52:39 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
xhhhIdbF/XWL5A6JtBcinVoztCh99yxxjx2UBcf5KPnOXREOmky7YGS3YU7ebdhhLP8LRShoOAoRAp/D8iwX3g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://courses.null-char.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
api.paritydeals.com/api/v1/deals/discount/ 		898 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.paritydeals.com/api/v1/deals/discount/?url=https://courses.null-char.com/courses/the-art-of-malware-analysis
Requested by
Host: cdn.paritydeals.com
URL: https://cdn.paritydeals.com/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.122.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-122-114.us-west-2.compute.amazonaws.com
Software
gunicorn /
Resource Hash
4272acc4298f27f81f8e64ca147ede0aa583c2da06eee25579267fc3c54387f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://courses.null-char.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:40 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
server
gunicorn
x-frame-options
DENY
vary
Accept, Cookie, Origin
content-type
application/json
allow
GET, OPTIONS
access-control-allow-origin
*
content-length
898
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame D0C1 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcourses.null-char.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://courses.null-char.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Tue, 06 Feb 2024 12:52:40 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100176-IAD, cache-muc13948-MUC
main.js
courses.null-char.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame F127
Redirect Chain
  • https://courses.null-char.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://courses.null-char.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://courses.null-char.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Protocol
H2
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9957bbdb0a768b265b7a942a69c8015011dc57b3f1c723e0fcf1fd8afd5b202
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:52:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
851388170f5d1c0f-FRA

Redirect headers

date
Tue, 06 Feb 2024 12:52:40 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control
max-age=300, public
cf-ray
85138816dece1c0f-FRA
settings
syndication.twitter.com/ Frame D0C1 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=3a4efdd65e4d9dff9d5009a739bc17063ad7f693
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcourses.null-char.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time
115
date
Tue, 06 Feb 2024 12:52:39 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 06 Feb 2024 12:52:40 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
def3686f494a7e2f
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
825502d8cd34e266f037b6f023a90f87a46a216322a8e5223f22b4714b29a935
content-length
337
8513880e3e371c0f
courses.null-char.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F127 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://courses.null-char.com/cdn-cgi/challenge-platform/h/g/jsd/r/8513880e3e371c0f
Requested by
Host: courses.null-char.com
URL: https://courses.null-char.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:239f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Feb 2024 12:52:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
851388178fd11c0f-FRA
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| Thinkific string| thinkific_google_analytics_disabled string| tcd string| tenantGoogleAnalyticsKey undefined| tenantCD string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| createOptions function| instantiateCreditCardForm function| recreateCreditCardForm object| StripeCreditCardForm object| ThinkificAnalytics object| respond object| jstz object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha boolean| courseCurriculumShowMoreToggleBound object| FB object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| __buffer object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| dueDate object| $curriculumHeader object| $instructorSection object| $instructorSectionInstructors object| $logosSection object| $reviewsSection object| $reviewsSectionReviews object| $testimonialsSection object| $testimonialsSectionTestimonials object| $videoSection object| $signUpForm object| $bannerCourse

6 Cookies

Domain/Path Name / Value
courses.null-char.com/ Name: visitor_id
Value: 2328085410
courses.null-char.com/ Name: _thinkific_session
Value: ODdSS1Nnd2hMdGVCOFZzUVRtY3VKbFE0R1BTbTlFRzFjd3h2S3MxR1NLTVNhdldRUTV4NVBIV1VEc3JIdlh3TGJxYzNreGx2bUxNVitjYnovcUpFV3RITC9CS0QreVMzcVRRYU5zNWtielplU2w5ZGoyb3FPMDZicWcwNWpwODBybEdvbnorVksySnR0bnYvNzh6Wm53PT0tLXVJekZnNG5nbHpiSlRzUW9GdDJpMEE9PQ%3D%3D--090d02a8567a83784182e40ac27f0d8df4de5045
.courses.null-char.com/ Name: __cf_bm
Value: 5TpdVOdXxw.esBnOUBDp9ZQQV0rM7OC5ps9IDFiyvhI-1707223959-1-AZu5njaAPeZoUwL6porDW0PksplsHeT5r4btgCgIdp+YwqXcs7r2z+XQ7dDyFd9dqjGjk82HdPkxEiR4uQ95b1M=
.thinkific.com/ Name: __cf_bm
Value: vn5tVi.XRHAgTtGkPLd9it_wWK3y7Xja_u1imxzrPyE-1707223959-1-AfVW4wf+PZOSO/+wVaitbnAmhuDyXoiJX834zPhgQ76e51nfdwFN3UAuyhe0WDo1YzSXBpOban2RyKtOJZmvbGc=
.google.com/ Name: NID
Value: 511=WNr7EX-WYO5jEn3ercUMKqQud52t5HK7cmp8aWr9Rh3G5B27okfz9XUPCgeeclci82fg1AfbHA4vAcSZm7jMt7uQcKbd_4f2Hn3C3ddIV51J6lH3FV0eX42h5oYytCL1IkjhyK1zsQ5gQc5AsMmRh7KHiLqi4iH9OR9mG_7BZ2g
.courses.null-char.com/ Name: cf_clearance
Value: xEudropjcLWG4gK5eafacRucVO.KWTBxtkrETGuIDkU-1707223960-1-ATLq98ezN0RJlYjvakDkFWaRmMwxLueXdlWBVxsZmtrXa/Z65Qyg43715AJUKp64NgzVijH6nv5iLR8vT2e1Z9c=

11 Console Messages

Source Level URL
Text
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://courses.null-char.com/courses/the-art-of-malware-analysis
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.paritydeals.com
apis.google.com
assets.thinkific.com
cdn-themes.thinkific.com
cdn.paritydeals.com
cdn.thinkific.com
cdnjs.cloudflare.com
connect.facebook.net
courses.null-char.com
fonts.googleapis.com
fonts.gstatic.com
import.cdn.thinkific.com
platform.twitter.com
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
104.244.42.72
199.232.188.157
2600:9000:2394:2000:1e:d21e:3d00:93a1
2600:9000:2447:6800:c:8a20:d7c0:93a1
2606:4700:4400::6812:239f
2606:4700:4400::ac40:9861
2606:4700::6811:190e
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.38.122.114
05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3
0c52781b09739518548c3162e58fd880338d8f359bbdae0d78dcbfd6f6bc622d
15dd40f19386303a8f905168185e422e41815f8fa2d655d860a0a676e173b460
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
2235cb7f020758bdc9d09704eb9da1a8d27969737d82798f804417f5e08cb6df
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266d386b294c2a628ca6c650a288b58c6ee6e652a1ee32de8bfcb38020f6439a
29457974d173aa836f7dcd7d9d277b22c7ace6fe067b2b71a9e9eab8b96dbbd9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
4272acc4298f27f81f8e64ca147ede0aa583c2da06eee25579267fc3c54387f1
56344e3905a13a9f4849ded4f8e8e0c0db5aa7adc9c94fccc10c316913bbc103
56ee3e445afd11deaa93a33f91cf56d1f274e1c5119c9b12911b31b1c069fc6e
5c8aa2a3f11c98a965938267f743e26504d3127d68cc425821c8a8a1f523a670
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
946b94a8950f5c910c8105ff45168cea66642baa27a398b96c7b81304e2a382a
9d71f71f397da987bce397bff97f4b892d04fef24b2e307419f55b3f6859cbee
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
a277f167248ccbbf09751d63867b3f258aa24629cec669071319124906fe320e
acef5e7cab1b869eb2f0b9434c91410a1571b536c9fe798946b70708d9eda6c6
b3cbc82cd95eb7b89f9fe133eca78ec77e18232e124fa7d32bec49fd90488bb0
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
be5687b3c46cca581e59b25811fdadf0b26fbec7fbc912cdeef739fcaac3006c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d7c941655fefca57e20cdf072aa52e1549b5d0f2cca80c57b6037b04b676994d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4eb0582978bb037bd05209b999e2ea051bca32e30e112f62fe987d5e356ae38
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9957bbdb0a768b265b7a942a69c8015011dc57b3f1c723e0fcf1fd8afd5b202
ffd359cd146f521daa58055cb736d5b62d61358e88766b35b8be02827f8cd56e