URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Submission: On October 04 via api from TR — Scanned from DE

Summary

This website contacted 34 IPs in 3 countries across 30 domains to perform 78 HTTP transactions. The main IP is 63.35.51.142, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.oligo.security.
TLS certificate: Issued by R3 on July 19th 2023. Valid for: 3 months.
This is the only time www.oligo.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 63.35.51.142 16509 (AMAZON-02)
17 18.66.112.109 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.232.144 16509 (AMAZON-02)
1 3 2600:9000:215... 16509 (AMAZON-02)
1 76.76.21.98 16509 (AMAZON-02)
1 2a06:98c1:320... 13335 (CLOUDFLAR...)
1 2606:50c0:800... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.37 16509 (AMAZON-02)
1 13.32.27.21 16509 (AMAZON-02)
1 172.65.202.85 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.65.208.22 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
1 63.35.249.238 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a06:98c1:320... 13335 (CLOUDFLAR...)
2 172.65.219.229 13335 (CLOUDFLAR...)
2 172.65.238.60 13335 (CLOUDFLAR...)
4 172.65.192.122 13335 (CLOUDFLAR...)
2 172.65.202.201 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 162.247.241.2 23467 (NEWRELIC-...)
1 2600:9000:20e... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 172.65.240.166 13335 (CLOUDFLAR...)
3 52.222.236.2 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
78 34
Apex Domain
Subdomains
Transfer
17 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 18588
1 MB
11 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 12088
580 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
www.linkedin.com — Cisco Umbrella Rank: 951
px4.ads.linkedin.com — Cisco Umbrella Rank: 7048
5 KB
5 hubspot.com
api-eu1.hubspot.com — Cisco Umbrella Rank: 69721
app.hubspot.com — Cisco Umbrella Rank: 10205
track-eu1.hubspot.com — Cisco Umbrella Rank: 27122
9 KB
4 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 44279
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 45719
51 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 23579
3 KB
3 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 3217
2 KB
3 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 23603
js.hs-scripts.com — Cisco Umbrella Rank: 4897
3 KB
3 privado.ai
www.cdn.privado.ai — Cisco Umbrella Rank: 102344
cdn.privado.ai — Cisco Umbrella Rank: 95383
51 KB
2 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 10820
2 KB
2 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 25966
38 KB
2 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 26372
42 KB
2 hsadspixel.net
js-eu1.hsadspixel.net — Cisco Umbrella Rank: 39674
6 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1593
9 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1261
script.hotjar.com — Cisco Umbrella Rank: 1629
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
166 KB
2 oligo.security
www.oligo.security
go.oligo.security
36 KB
1 hubapi.com
api-eu1.hubapi.com — Cisco Umbrella Rank: 40637
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079
397 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3974
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 11
455 B
1 hubspotusercontent-eu1.net
26088573.fs1.hubspotusercontent-eu1.net
22 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
256 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8895
161 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 969
19 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
2 KB
1 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 3717
1 refokus.com
tools.refokus.com — Cisco Umbrella Rank: 192249
1 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
5 KB
78 30
Domain Requested by
17 uploads-ssl.webflow.com www.oligo.security
uploads-ssl.webflow.com
11 static.hsappstatic.net www.oligo.security
go.oligo.security
static.hsappstatic.net
3 js.zi-scripts.com www.oligo.security
js.zi-scripts.com
3 px.ads.linkedin.com 3 redirects
3 bam-cell.nr-data.net go.oligo.security
static.hsappstatic.net
2 ws.zoominfo.com js.zi-scripts.com
2 track-eu1.hubspot.com www.oligo.security
2 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
static.hsappstatic.net
2 js-eu1.hs-banner.com js-eu1.hs-scripts.com
go.oligo.security
2 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
go.oligo.security
2 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
go.oligo.security
2 js-eu1.hsadspixel.net js-eu1.hs-scripts.com
go.oligo.security
2 app.hubspot.com static.hsappstatic.net
2 js-eu1.hs-scripts.com www.googletagmanager.com
www.oligo.security
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 www.googletagmanager.com www.oligo.security
www.googletagmanager.com
2 cdn.privado.ai www.oligo.security
text
1 api-eu1.hubapi.com js-eu1.hsadspixel.net
1 px4.ads.linkedin.com www.oligo.security
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 www.google.de www.oligo.security
1 www.google.com www.oligo.security
1 26088573.fs1.hubspotusercontent-eu1.net www.oligo.security
1 js.hs-scripts.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 content.hotjar.io script.hotjar.com
1 js-agent.newrelic.com go.oligo.security
1 googleads.g.doubleclick.net www.googletagmanager.com
1 api-eu1.hubspot.com static.hsappstatic.net
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.oligo.security
1 raw.githubusercontent.com www.oligo.security
1 go.oligo.security static.hsappstatic.net
1 tools.refokus.com www.oligo.security
1 www.cdn.privado.ai 1 redirects
1 d3e54v103j8qbb.cloudfront.net www.oligo.security
1 cdn.jsdelivr.net www.oligo.security
1 www.oligo.security
78 39
Subject Issuer Validity Valid
www.oligo.security
R3
2023-07-19 -
2023-10-17
3 months crt.sh
uploads-ssl.webflow.com
Amazon RSA 2048 M02
2023-07-29 -
2024-08-26
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
tools.refokus.com
R3
2023-09-30 -
2023-12-29
3 months crt.sh
go.oligo.security
GTS CA 1P5
2023-09-11 -
2023-12-10
3 months crt.sh
*.github.io
DigiCert TLS RSA SHA256 2020 CA1
2023-02-21 -
2024-03-20
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
cdn.privado.ai
Amazon RSA 2048 M02
2023-06-14 -
2024-07-12
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2023-02-05 -
2024-02-05
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-02-01 -
2024-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2023-03-02 -
2024-03-30
a year crt.sh
hubspotusercontent-eu1.net
Cloudflare Inc ECC CA-3
2023-09-30 -
2024-09-29
a year crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.de
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01
2023-06-08 -
2024-07-07
a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2023-04-07 -
2024-04-06
a year crt.sh
js.zi-scripts.com
Amazon RSA 2048 M03
2023-09-17 -
2024-10-16
a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3
2023-04-04 -
2024-04-03
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Frame ID: 643B908E7E0CD2704CA87C9ABD721EA6
Requests: 61 HTTP requests in this frame

Frame: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Frame ID: 26798312376455B6EDC469C04AF3A10F
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

ShellTorch: Multiple Critical Vulnerabilities in PyTorch Model Server (TorchServe) (CVSS 9.9, CVSS 9.8) Threatens Countless AI Users

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

78
Requests

95 %
HTTPS

49 %
IPv6

30
Domains

39
Subdomains

34
IPs

3
Countries

2382 kB
Transfer

8491 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.cdn.privado.ai/514bc17efc954ef5bc7f8225f793d47f.js HTTP 302
  • https://cdn.privado.ai/geo/514bc17efc954ef5bc7f8225f793d47f_Global.js
Request Chain 58
  • https://js.hs-scripts.com/26088573.js?analyticsCommon=true HTTP 307
  • https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
Request Chain 72
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5919313%26time%3D1696401504097%26url%3Dhttps%253A%252F%252Fwww.oligo.security%252Fblog%252Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true&liSync=true&e_ipv6=AQLdO8h1TPoPMQAAAYr5aL38DCa41z9OuBR6upr7XAha-c83ZCaXmaPL7--Z6LoUVa52RBAwzASMyw

78 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
www.oligo.security/blog/
40 KB
14 KB
Document
General
Full URL
https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.35.51.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-51-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
26ad2c35305cd7babe6afa8b8714dc5f24158bdf228311f130dd526bfc565fdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33057
content-encoding
gzip
content-length
13813
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Wed, 04 Oct 2023 06:38:22 GMT
vary
Accept-Encoding,x-wf-forwarded-proto
x-cache
HIT, HIT
x-cache-hits
202, 1
x-cluster-name
eu-west-1-prod-hosting-red
x-frame-options
SAMEORIGIN
x-lambda-id
95c457b2-f99b-4c57-b007-b0b396dd8c43
x-served-by
cache-iad-kjyo7100050-IAD, cache-lhr7389-LHR
x-timer
S1696401503.816347,VS0,VE1
oligosecurity.webflow.4607d6e05.min.css
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/
115 KB
22 KB
Stylesheet
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14c678ef4d3fa28980a58adb416052ec37539fbbbd548fd4d02c10b726881de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 21:27:05 GMT
content-encoding
gzip
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-version-id
6cCchvU3Ja0KSqQO1J1.Zn0YeN.9N0vK
age
33078
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21792
last-modified
Tue, 03 Oct 2023 21:27:01 GMT
server
AmazonS3
etag
"0297a39cb94df971a4a2dd322fecd042"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
vAiC3YD4hHKOKCtkYiZSaklwEPmRCrlyyedDItfm1GIH3qc8k_pIeA==
richtext.js
cdn.jsdelivr.net/npm/@finsweet/attributes-richtext@1/
8 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-richtext@1/richtext.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c699eb55ae3fe61b3d783c8936ab1eb949c596a5c89118f703e328ede2b8308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27620
x-jsd-version
1.10.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230035-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"2147-I41v+oq443LPQB6aPqMil27q9QY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2RX5tj1rz2GjoZ938x6wWXswSdmkwlj1oivGSLoO06x%2FI%2Bt2LIgeg%2Fi%2BSIZs%2B3ElZh3gAw9Ef83iqrBcvSjTprhCRAlxG8hd51JLZBi7c8GlPnWEl99Q4%2FNVUG3G3OuDMx5f75bquTcwcn4oXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
810b6bf0dfcfbc04-FRA
65198da142ecd9f2cd99a12c_2dfKB9PrLvUy6_0m-lc5UJvGXMrEH77L1lmmqOXyzu4hm_0QVv46q2wqtCca0sNs9Ps_vSrX4NwI3HaHk_PIlrvLl7jY8F061vqam1BAY_xgqLPVPZLm8DNXRN29Sxscr4X2HTItC55Q4OwPAhEicoU.png
uploads-ssl.webflow.com/63e8dd453f71270c6845992b/
282 KB
283 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63e8dd453f71270c6845992b/65198da142ecd9f2cd99a12c_2dfKB9PrLvUy6_0m-lc5UJvGXMrEH77L1lmmqOXyzu4hm_0QVv46q2wqtCca0sNs9Ps_vSrX4NwI3HaHk_PIlrvLl7jY8F061vqam1BAY_xgqLPVPZLm8DNXRN29Sxscr4X2HTItC55Q4OwPAhEicoU.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e27899241b25afca9b153d037ed6d24d5b98faf16bb279df2cbe93dd83bfd7b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:48:14 GMT
x-amz-version-id
XUVOYMzN7jOnTy9BsyrZQbop6tCDH.YZ
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
49808
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
288593
last-modified
Sun, 01 Oct 2023 15:17:54 GMT
server
AmazonS3
etag
"d74fa4e5a573a8b32c83affc7abdd8f5"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
BMvytvCJEJZn6-O4JOGhDAqm8ILsiFHMc5MhhOGX7h8O7_J5OJph5g==
MeetingsEmbedCode.js
static.hsappstatic.net/MeetingsEmbed/ex/
3 KB
2 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c59568d0910e070f81e4f29256bcd83e5fa9217230e2eeb5b2f1cce66f15d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:22 GMT
x-amz-version-id
G06CBr66D7JO6H8PoRJY0VBnQLLRuYiF
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA6-C1
age
22
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Oct 2022 14:24:12 GMT
server
cloudflare
etag
W/"bf38f9c2121bff527bb6c2db7f7480df"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=260kWXeZOczJvmQW9QNep%2FRZ75pKItxiNcvhK957YPEg5ST3USNboFpzbNLriHh3N5cSzj855B6uWiwO4sznoXFDg6DtmPbKl2%2FkrcexkD%2BBAPqvzwIgmXimZghCEQTrmF%2BRVZ4Lo9Kw1YFEtuFp7ub15U4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=60
cf-ray
810b6bf11fa3bbe9-FRA
x-amz-cf-id
zyKXBhDBVALDJ7zAFIOYgksNZjtTCJbEiAvYHZYqDo6KmAJOuEV62w==
expires
Wed, 04 Oct 2023 06:39:22 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63dbb928e89213590c5bfd53
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-144.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.oligo.security/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 10:17:08 GMT
content-encoding
gzip
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
age
81201
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
d0qfwLenNEIqQzVmMwkrltkBzGQSNTv_q5TXa4C38R1GCggJhN_Y0g==
webflow.86e7d495d.js
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/js/
574 KB
169 KB
Script
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/js/webflow.86e7d495d.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b23f161dd93252c739990e4f867432b4edd417cfbeb878cefd3faa3ee8fff63a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
j1XVNv.TJVnnMvQSidz_wD4KEM.HXnhg
content-encoding
gzip
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 17:03:14 GMT
age
48908
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
172497
last-modified
Mon, 02 Oct 2023 17:05:02 GMT
server
AmazonS3
etag
"65b3c07cf66e53ca86a5a1880321ac71"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
JXBgi4r5WEtA0Wnx-Nz5vnN4mKf-GXttMWIYQ5nASfeBeU2TZD4kgg==
514bc17efc954ef5bc7f8225f793d47f_Global.js
cdn.privado.ai/geo/
Redirect Chain
  • https://www.cdn.privado.ai/514bc17efc954ef5bc7f8225f793d47f.js
  • https://cdn.privado.ai/geo/514bc17efc954ef5bc7f8225f793d47f_Global.js
48 KB
49 KB
Script
General
Full URL
https://cdn.privado.ai/geo/514bc17efc954ef5bc7f8225f793d47f_Global.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Server
2600:9000:2156:8600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e7428b0935c232cc780f01fe63950a80159bec35f820290b25fe028f969124b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:05:13 GMT
x-amz-version-id
STegUBUSKc3BAqFYMVkFzY70LLANaTtV
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 09:23:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1204391
etag
"a79552bebaa6f5b3ef89932e3071cb3e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
49425
x-amz-cf-id
JQnLC6oDn7arCeZIIwUq_u4fHZ7As_w-8gZcmCuDD9dv1W4CgCBY1Q==

Redirect headers

date
Thu, 21 Sep 2023 05:43:31 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
age
1126492
x-cache
Hit from cloudfront
location
https://cdn.privado.ai/geo/514bc17efc954ef5bc7f8225f793d47f_Global.js
content-length
0
x-amz-cf-id
63oNL4u1lIAps9oQkAdv9cox6TUUxJ6uulcB_yo6cX-nHu5o8qO7Xw==
bundle.v1.0.0.js
tools.refokus.com/social-share/
2 KB
1 KB
Script
General
Full URL
https://tools.refokus.com/social-share/bundle.v1.0.0.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
57a1be218332ffe88ab1757b2786ea6c193456814044ac6ca5aed7ef6e292e13
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:22 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wk5mc-1696401502984-ddcfa9c4b50f
age
19245850
etag
W/"5ab5e077823e9ac9fe87506050035832"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="bundle.v1.0.0.js"
63e8f3f05b939f21199f79e6_Runtime%20application%20security%20and%20observability%20-%20Oligo%20blog%20vis.svg
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
3 KB
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63e8f3f05b939f21199f79e6_Runtime%20application%20security%20and%20observability%20-%20Oligo%20blog%20vis.svg
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1df30db67bd1142700a1d2d22015595e8f2c0ae5cdb429d10ba2404adef7d7d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 07:31:01 GMT
x-amz-version-id
x2f7bVZMdFn4ZyioNVEJT9.uJzR5or2L
content-encoding
br
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
1033642
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 12 Feb 2023 14:13:05 GMT
server
AmazonS3
etag
W/"4b4656ca97e042a02ff500611312ff2b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
5mBr-KTkLOYs7ZxBnok7jbOfIof23HH55tIEFijrKDvm2QaOL0IJ6g==
63dc05e2cfbac0ece72ff3ca_Radomir%20Tinkov%20-%20Gilroy-Regular.otf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
53 KB
53 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63dc05e2cfbac0ece72ff3ca_Radomir%20Tinkov%20-%20Gilroy-Regular.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776

Request headers

Referer
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 14:52:06 GMT
x-amz-version-id
BzB8ps.CdJarU6WYl1EsbVJjjaYaeqkT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
19928777
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
53840
last-modified
Thu, 02 Feb 2023 18:50:11 GMT
server
AmazonS3
etag
"1e09f38cc59a3ccc24cd2d7d745566ac"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
WMOPxa6fjajr6vGDJF8pBrPzh0XRnSVaICw06RNEA49UoeggmSNkJA==
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
63dc05d9d459af7ad9dd1409_Radomir%20Tinkov%20-%20Gilroy-Bold.otf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
54 KB
55 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63dc05d9d459af7ad9dd1409_Radomir%20Tinkov%20-%20Gilroy-Bold.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Request headers

Referer
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 14:52:06 GMT
x-amz-version-id
VN126xkj1b9POhHM323G8l93oXv3WTUQ
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
19928777
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55376
last-modified
Thu, 02 Feb 2023 18:50:03 GMT
server
AmazonS3
etag
"17cb9303df7b7264b9c4ef0953366617"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Yd2GbvklNm1YmGMh1p2mPrlsp2XVpYSJ5yREd3gskxOdXkhPwXMxgg==
63dc05e24e0c824221d72ea9_Radomir%20Tinkov%20-%20Gilroy-Medium.otf
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
54 KB
54 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63dc05e24e0c824221d72ea9_Radomir%20Tinkov%20-%20Gilroy-Medium.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6

Request headers

Referer
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/css/oligosecurity.webflow.4607d6e05.min.css
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 14:52:06 GMT
x-amz-version-id
wOn3LB9K4yCmoxgGH04KROlnknacHvzm
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
19928777
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
54972
last-modified
Thu, 02 Feb 2023 18:50:11 GMT
server
AmazonS3
etag
"9e12d6053ae1c539d9be9d6fa86d33a7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
jYzwY3NEi4OYScGZJwUiHIzr078YaXt7flUKTwY5oQYy_UMXdQt6KA==
63e7f5d22d65536cbe69286e_Runtime%20application%20security%20and%20observability%20-%20Oligo%20logo.svg
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
5 KB
2 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63e7f5d22d65536cbe69286e_Runtime%20application%20security%20and%20observability%20-%20Oligo%20logo.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8fb1dc8293237359c2422f574d9b9529f57c1efd83611e0174823c5c11c01d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 20:08:52 GMT
x-amz-version-id
5vpQ4Vr6HaN8rvBhDP3LKBrnFvavKBlZ
content-encoding
br
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
20255370
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 11 Feb 2023 20:08:52 GMT
server
AmazonS3
etag
W/"003d807c691248fe7013c63a14b30a12"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
vkY5AmWq5ilafS9G7ze4gRmr3sSCKGpsbIzX0TnfCpSvvS3pmz96VA==
651c02c2d90d60a6dfdfc702_Ellipse%203616.png
uploads-ssl.webflow.com/63e8dd453f71270c6845992b/
21 KB
21 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63e8dd453f71270c6845992b/651c02c2d90d60a6dfdfc702_Ellipse%203616.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6af21092e9d6830f1b129124d2895e541aa9113c6b00bb116d184056530b16fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:31:54 GMT
x-amz-version-id
2bAPo0S4ZnA7jFaiYVYTR3KrH4TuIGLS
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
50789
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21362
last-modified
Tue, 03 Oct 2023 12:02:12 GMT
server
AmazonS3
etag
"eb9e36a707d95690563831f50c9b7e87"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
kCAyD2vhd_b8E9h-Z3d2PPEWWcRuo1dzdTcfrlHB0xdv4dklxK_tKA==
651c02cddfd2791d719a7f14_Ellipse%203617.png
uploads-ssl.webflow.com/63e8dd453f71270c6845992b/
14 KB
14 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63e8dd453f71270c6845992b/651c02cddfd2791d719a7f14_Ellipse%203617.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b052ae02766f3a5f58f1c9204da57d64df5f5c01840c367cea6ec4a4568a84a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 16:48:15 GMT
x-amz-version-id
9ZoqiOGCPzSlp2r.EcSj44PNZ3pgnI5b
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
49808
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14117
last-modified
Tue, 03 Oct 2023 12:02:23 GMT
server
AmazonS3
etag
"15cc1bbdf7982afcaac24ddb2c340fe9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
BXZRnJsQZrghnHH8UnxcIErt240docQcmydFweI4QsTPUfFS5AKceA==
651c02da27d2a4f4f97b5e79_Ellipse%203618.png
uploads-ssl.webflow.com/63e8dd453f71270c6845992b/
14 KB
15 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63e8dd453f71270c6845992b/651c02da27d2a4f4f97b5e79_Ellipse%203618.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4422814965de8256ef5f3e608d5052400d213cd2689758377faad24342a0170d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 15:51:04 GMT
x-amz-version-id
Y1pfVyK8b4J1yLM6aOZSnLbpd9eCBw5g
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
53239
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14654
last-modified
Tue, 03 Oct 2023 12:02:35 GMT
server
AmazonS3
etag
"3cc881439fd2afdbd64b553558fdbdd8"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
6iA36gv1lHbqA7yLM48ookjVFBNSTaBpPJz3wGN9v8lk6yZZiw3P7Q==
63e699a712777076bc9d3685_linkedin.svg
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
940 B
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63e699a712777076bc9d3685_linkedin.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c867b00c1dbd3c7ac3af53d79d20ac9db3179579887db5bc6f4d071ab993c392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 13:42:49 GMT
x-amz-version-id
e9VxNuEjCkHK9J9zxzOSKdwTs5.6uTQT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
19932934
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
940
last-modified
Fri, 10 Feb 2023 19:23:21 GMT
server
AmazonS3
etag
"d24c7fc14f2a5f6e6d897795dd234cb5"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
yD2KhB52R4Mlq1XfmvF7xNmuRo_9gKIbUSrP9eKGIIveshkX5Uklqg==
63e699d3bafcc396e9c866d1_Twitter.svg
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
974 B
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63e699d3bafcc396e9c866d1_Twitter.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dc092306d243a19a04da12bf4ba5cf495be8e33623db482ac0e6e66a6634146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 14:52:15 GMT
x-amz-version-id
3VQMc_vvl_O8XD6RkqO9OFp46uYe6VXO
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
19928768
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
974
last-modified
Fri, 10 Feb 2023 19:24:05 GMT
server
AmazonS3
etag
"da7677e082bdcea6a6009605193def93"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ySoXh4eEKf5CaK1oQLZrkcRZeWlxAPeEuMZrqWpbUCsk1EjtczehdQ==
63e699ecce4fe7680bc34437_facebook.svg
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
625 B
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63e699ecce4fe7680bc34437_facebook.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91a3ed526e58ba6845c3ceebaeba0095c76e9ea6c5b2ce1e174aa3603589a4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 14:52:15 GMT
x-amz-version-id
vyyEeFrkOkZ.YdJWhBmcZUr4Z_dl0ZB.
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
19928768
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
625
last-modified
Fri, 10 Feb 2023 19:24:30 GMT
server
AmazonS3
etag
"3d94d6140ce4a9ff4736f46a00a2c666"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
z2eaZYIHrb8M241cCjdJ5y2B2UXBz6-7S6C4hhSVQiO7avYU7_IrIA==
64906dd5a836ca42170a1cf7_link.svg
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
1 KB
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/64906dd5a836ca42170a1cf7_link.svg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a906213da48e61ce93ef61ee36def14e7bdae38449e1de2fe35306eac10eefd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 15:30:41 GMT
x-amz-version-id
vFQYOx1da5athJORDhQlVQXVFWDUKBZH
content-encoding
br
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
745662
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 19 Jun 2023 15:01:43 GMT
server
AmazonS3
etag
W/"cea4105bd5f06758d90b7f563aebf207"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
JBBVGc3pmEOb102lS4mJ0KKkiFcfKOiGRlupu5rYiPNcptAI_pNroA==
651ad8b49bc421d706568426_ShellTorch-TorchServe-Oligo-Security-p-1080.png
uploads-ssl.webflow.com/63e8dd453f71270c6845992b/
237 KB
238 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63e8dd453f71270c6845992b/651ad8b49bc421d706568426_ShellTorch-TorchServe-Oligo-Security-p-1080.png
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c04d4b56ef468d3121e3b201733a33eab1a4e75a590e7d26300f9a65456782e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:30:19 GMT
x-amz-version-id
UsvewXGo0entOxa7GPDt6ufRvJmft1DD
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
133683
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
242659
last-modified
Mon, 02 Oct 2023 14:50:32 GMT
server
AmazonS3
etag
"fe6e10d78fe7d19514e564d6ce816060"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
0dJ_dO0WWGg6FgwLtwMG4oGG5sfDymU1gPYlQWbltmQVagrHU_q5yg==
shelltorch-briefing
go.oligo.security/meetings/mktg/ Frame 2679
63 KB
22 KB
Document
General
Full URL
https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df4fc857bad2e3d88fc90243c476e32cb19b6258da04af2ffa13549f1bcd6d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

Referer
https://www.oligo.security/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48290
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
HIT
cf-ray
810b6bf1fc9730f6-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net snap.licdn.com www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net googleads.g.doubleclick.net www.googleadservices.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=MeetingsPublic/static-1.35589/html/public-eu1.html&cfRay=810b6bf2005730f6&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fmeetings%2Fmktg%2Fshelltorch-briefing%3Fembed%3Dtrue%26parentHubspotUtk%3D38b67ef2e4c2994ae919ae1dd219a5d4%26parentPageUrl%3Dhttps%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&referrer=https%3A%2F%2Fwww.oligo.security%2F&cfenv=prod&pdt=2023-10-04&csp=ro
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 06:38:23 GMT
expires
Thu, 05 Oct 2023 06:38:23 GMT
last-modified
Mon, 02 Oct 2023 15:52:27 GMT
nel
{"report_to":"nel","max_age":86400}
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=810b6bf2005730f6&resource=MeetingsPublic/static-1.35589/html/public-eu1.html"
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-id
w3Bzu8jVoKihjYzAEBqrZo9qJFGA2r504jNyj8gUYF_cv_c1pn45mw==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
G4r4XbCGXH1TTSR46YIJBRC7hc4UQ_IY
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-hs-https-only
worker
x-hs-target-asset
MeetingsPublic/static-1.35589/html/public-eu1.html
x-hs-worker-debug-mode
false
shelltorchanim.mp4
raw.githubusercontent.com/makersteam-dev/files/main/uploads/
3 MB
0
Media
General
Full URL
https://raw.githubusercontent.com/makersteam-dev/files/main/uploads/shelltorchanim.mp4
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.oligo.security/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=0-

Response headers

x-fastly-request-id
0ac5bdad71eed90ad8a54f3a4d034ae032738e24
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 06:38:22 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
HIT
Content-Range
bytes 0-3908757/3908758
cross-origin-resource-policy
cross-origin
Content-Length
3908758
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230081-FRA
x-github-request-id
FCB0:BEF7:E6EF65:F05E3A:651CBDDA
x-timer
S1696401503.987289,VS0,VE1
etag
"c10da8ad9330634c2573b4956eba890e58a59ae7755f7efcb125e0968f5b582e"
source-age
167
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 04 Oct 2023 06:43:22 GMT
gtm.js
www.googletagmanager.com/
210 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20fe0951b7926e9d868796bfa7dede123e7e6cd7d261f02b5f97ee4149c77443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77570
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 04 Oct 2023 06:38:23 GMT
hotjar-3280496.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3280496.js?sv=6
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
a1dc4a796af05ac1a4ed5cf70464b42c6d20ddb031b7fd5acd2b1903a4da4318
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
47
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/cc37c5313122db127c9bbe4f1a560502
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
Bjm9y-IseL7zyXyk6Oy_TfW76qQzHso2myLYDb1bv20R2fqJ3ARaYA==
indexV1.css
cdn.privado.ai/version/
9 KB
2 KB
Stylesheet
General
Full URL
https://cdn.privado.ai/version/indexV1.css
Requested by
Host: text
URL: data:text/css,@import%20url%28%27https%3A//cdn.privado.ai/version/indexV1.css%27%29%3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9ce9e5ab558f8774690620818b8c908516eb0973fd8d8c5890ee914e2f3dd0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
_B0eOEcwYdXpeMn_c.asx3DOx0uy2s80
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 07:10:17 GMT
last-modified
Tue, 04 Oct 2022 20:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
84487
x-amz-server-side-encryption
AES256
etag
W/"0813fc920138afc00257b34ac67ec0fe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
jAqpKgwX_n6eT-B3lRjHy65lp664QcI1dB4apDifrtd-JBWJ6ANHLQ==
truncated
/
58 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a729bf8c024d5760c02ecaba0804fce0c8256bcba9b507a3bfc528a9a366d6ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
text/css
63ea1c60a717a64c03041370_Runtime%20application%20security%20and%20observability-Oligo%20-%20CTA.json
uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/
443 KB
310 KB
XHR
General
Full URL
https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/63ea1c60a717a64c03041370_Runtime%20application%20security%20and%20observability-Oligo%20-%20CTA.json
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/63dbb928e89213590c5bfd53/js/webflow.86e7d495d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
199edd020f45388dd1a0eb3de4d584b7f1872428fbbf0ae11bdf0ebbc8bdfeb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:23:36 GMT
x-amz-version-id
85LR1kgdUwofcmd9.enrfDdEA6_45k3P
content-encoding
br
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
19952088
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 13 Feb 2023 11:17:54 GMT
server
AmazonS3
etag
W/"d5650e85eaefd4e48cccd9b7b311082e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
gV1Xw6OBEfOg87duTKUgsMLs89uCwNtCIV8LWeNZPROKsJeSLVov8w==
bundle.production.js
static.hsappstatic.net/head-dlb/static-1.368/ Frame 2679
44 KB
17 KB
Script
General
Full URL
https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
wWLMJ6qW0lXJfco2m026CzodYMop32jV
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
48909
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 11 Jul 2023 18:31:41 GMT
server
cloudflare
etag
W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDaTIhBXoyk268r%2B3rjyUhv3omEmkIxVzHF3Syfir43My%2BLCnywQK3u5KJSzgRMwleSneJlt%2FKikh18Jx31izgu0DqrFcaL%2BjxEeWkVeNcXSYVUpXHfVKCuVgfrdMKX93ncpZRMrAfFKZ5rTcUKB%2BYIfATs%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
810b6bf40cd4926d-FRA
x-amz-cf-id
iIyt4csMBcJwgSY5kBqzNUXJd3XjzR2010559hea3xVmqlJiwVQh8A==
expires
Thu, 03 Oct 2024 06:38:23 GMT
configure-monitoring-eu1.js
static.hsappstatic.net/MeetingsPublic/static-1.35589/html/ Frame 2679
955 B
1 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/html/configure-monitoring-eu1.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae4b092c1ee3b5a9b2d85c4b73643ce9ff33baf091f0c457b227552194aab516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
9lWe2b4yaGi6FmIoa8NsaXP.DmaG0GyG
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
48909
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Oct 2023 15:52:27 GMT
server
cloudflare
etag
W/"8b127a13b6218b47e2782d9f51283b89"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpSohZgC49lUGHFnVKDzHIamVGFh1jPAjCF5epMKl6trbDTxWBoeZ1ZNTvcY552Mmy3u1K5m4ZCxMoaBQD3oSavtRDzYvUcG0GuaSaUAYqiIHkjdTeiK%2F6OYc54ORNKO0vy9UYMIuSrXz9ZLM%2Fz%2BLEFQeWQ%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
810b6bf40cd7926d-FRA
x-amz-cf-id
KTwhCKgfyBnaoZ5igk7iCkUVNL-monx2_u2a0v2N17nW59SSCoktCQ==
expires
Thu, 03 Oct 2024 06:38:23 GMT
book-info-early-requester.js
static.hsappstatic.net/MeetingsPublic/static-1.35589/html/ Frame 2679
3 KB
2 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/html/book-info-early-requester.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb9836297ba0f02992e15dd3df4a6bb118b044cfd9b25e4a5b434a0966ae238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
39_g0a366V96TSH7szqObCqKLhZ7aOEd
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
48909
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Oct 2023 15:52:27 GMT
server
cloudflare
etag
W/"75523121211ffe384934d73d6ba6ffd2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzCvfdtPH1ohmKF1sALnxfvhCCbGy3oTeEhCeFFuTbSlugsPK%2FPZjLrCAAjT%2FKmi76XuvDD%2FnYnyeNb95PywXhcCqlbNwX%2FX69hSbjb3q7Q%2FX8mLWMH3brVkaVydNPJbSGOOYLdD8RuSff41SJq4S%2BgeYgc%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
810b6bf40cd5926d-FRA
x-amz-cf-id
hqr72bTmGlCqw7de8DH4qs54gH26zWX4lXr2bjRxEtSSIeye1e4-Ig==
expires
Thu, 03 Oct 2024 06:38:23 GMT
project_with_deps.css
static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/ Frame 2679
183 KB
26 KB
Stylesheet
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd37aff479dfe3129e5c92fdead3c12b20a3c22437f84b60889b0b89dcd3a4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
0bInHCz6spK9GjA5WD2s3W_OjV0oVAqC
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
139121
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Oct 2023 15:52:27 GMT
server
cloudflare
etag
W/"12d2d8c344b121aeba54c9e939eae6c8"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OafggcO%2FBjh6ag9x%2BGhWx5QRdgeRDX3DTTJvfKJuIO0XJWGeg1FKDp6LL0x0DW%2BYk%2Fci%2Fm0ghwl2Hb5FwOeGqidlUSpRvlIRFumYwQ4GrX1t98oZktlygoArk2FNCrHP1%2BMvLq45wMC%2BzR4OFH%2FIWlznLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
810b6bf3f9e2bbe9-FRA
x-amz-cf-id
fbyMY5JPfPn6WkBS4FrOcI_KZD4eXIy1uuVmsMCdOQMjOIRnwzt1uw==
expires
Thu, 03 Oct 2024 06:38:23 GMT
bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.438/ Frame 2679
295 KB
94 KB
Script
General
Full URL
https://static.hsappstatic.net/hubspot-dlb/static-1.438/bundle.production.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb67ec9baf00b771641b3e783f5511c58621d346ee890fe8b82139b9d7c1005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
QR.7BVVxWRX648zgagdsk0.3qbRZHX6u
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
48909
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jul 2023 10:27:02 GMT
server
cloudflare
etag
W/"e1432fc848986a403838f2466a71736c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m201yiq2xfsknK9HTOYpzIpl21Ek3C0pnMDMSbmDe8CgE%2Bk5Uru7TqYXEAXS%2BG67gqEz9doxqyXf3vlqslGpFkN6XVBhgWDqBYbM302qKxYYXf0icbmieUhhLh3K%2FX2QJbxUIvglOGm6hUSsbmzBlJzqiXI%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
810b6bf40cd3926d-FRA
x-amz-cf-id
dKHoCAjZzO9_PE9DkgCo0p4TJK2FcPVvYFQ-WW2QGt6Unc7_bSuv8g==
expires
Thu, 03 Oct 2024 06:38:23 GMT
project.js
static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/ Frame 2679
1 MB
301 KB
Script
General
Full URL
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee4b5e873bb745f8e12af6fe92606b65e5d706e8112af6b05f82b2a44bc9a823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
4MjeFEciFZpt2gd6Wtdz4HuLWm7BNil1
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
48909
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Oct 2023 15:52:27 GMT
server
cloudflare
etag
W/"35c76dfb3fcc889be48ca0d3c35244c4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks%2FsxpHvXkhjRaVavw9NDV3pk6togXqbWUMbdqkRyTxhyraCM2qUIoxfizhJFW1X3TwPIYy3vSgnIjV1Kp4wrAzQ2UlWenraa1fIlh%2BVLoOjGYLX3rkgpT%2FrmbnRiU3iIwl%2F44gRAfqU8ZBDjqW9bWxcnzE%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
cf-ray
810b6bf40cd0926d-FRA
x-amz-cf-id
KrVLCc5O_AXbiy4kSWpYtvUiVeDCn6N6krOkY348Gg4eLSOpB0hbHg==
expires
Thu, 03 Oct 2024 06:38:23 GMT
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1aad639db4761313e379313bd160db8383ba569f5ad869320b399168890ba716

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
20 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17dafd72b90f331e2c2b39725103c86e28f248432afe0eca3367a403192f9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64bfd2f19b569cb9b9ad4c9f3183e097378cdc24863c0fb380d4e8dcd702b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
37 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f89b529d3ae32e7ba6175c30c1d04c7df4f4ea67bb7b5ed0f160ca87e00e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc0aaecc5bd879dc1c14c28524bbdc9dd9e3254ee383156709d073b50135ba65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16b27d1adef67c2363ff3b3af1b8439efdf36f57fc30aed6f3f7aaa59edd31d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
43 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
966f96ad4d511b3b134817e612cd8efa16d4ba693dacb7bba5522807d664c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65bd183a8e6b6e87555bb7aad153c7b18c9edb58b4daba4b265345dda21a9c91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8e1a9995baf1e6cf3208860c38185eb6c78cd1a0bbda27c82b01caa1ec9ad1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
49 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b5f6a87cbf95c32bf63d3903a55530a886750b8ca02ad3548604b3cc73da2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
modules.cf637fb03b42388e3bf3.js
script.hotjar.com/
225 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.cf637fb03b42388e3bf3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3280496.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
e887a4e091adb3d75a4092a652fdd7cf34c979a2fb1a6c2128f34c9c51921e29
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 07:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
82997
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55981
last-modified
Tue, 03 Oct 2023 07:34:56 GMT
etag
"ad2bdee77732c468dfebb1d2d894abc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OPjOj_5Zvr_Wy2j22oBFnVbGtt3OjXL2KnpOAB4Uf4qRiS1546qV_w==
book
api-eu1.hubspot.com/meetings-public/v1/ Frame 2679
44 KB
6 KB
XHR
General
Full URL
https://api-eu1.hubspot.com/meetings-public/v1/book?slug=mktg%2Fshelltorch-briefing&now=1696401503421&includeInactiveLink=true&location=go.oligo.security&hubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentCosPageUrl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&hs_static_app=MeetingsPublic&hs_static_app_version=1.35589&clienttimeout=12000
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015192dfd4d6280eddcbe07b3a7aeec493dcc42d24421c983395baa52f3e17d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
098ce2a3-c178-47e8-9db0-a6912d86a5ca
content-encoding
br
x-envoy-upstream-service-time
328
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
098ce2a3-c178-47e8-9db0-a6912d86a5ca
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEwvBCHCWDfu6eQaizy%2FQ6dKBk7X0Av3IkEL7wke6m2Bfqu3H%2FHvE6LS7YAfZklId%2BrxDAi2P5I%2F6cbHrohuK6pbucQe%2B%2F1jGs6OcOKmopnhmZoyIa282OwYK8LcQbM6k6mr1WM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-86f46d6c7b-bgjrs
access-control-allow-credentials
false
cf-ray
810b6bf4b9d52bae-FRA
access-control-allow-headers
Content-Type, X-HubSpot-Static-App-Info
insight.min.js
snap.licdn.com/li.lms-analytics/
12 KB
4 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=25249
accept-ranges
bytes
content-length
3822
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11293028927/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11293028927/?random=1696401503584&cv=11&fst=1696401503584&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&hn=www.googleadservices.com&frm=0&tiba=ShellTorch%3A%20Multiple%20Critical%20Vulnerabilities%20in%20PyTorch%20Model%20Server%20(TorchServe)%20(CVSS%209.9%2C%20CVSS%209.8)%20Threatens%20Countless%20AI%20Users&auid=938924101.1696401504&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
868385136db19634b12e72ae4946e43be29442939b17855af53d3e34322227a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 06:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26088573.js
js-eu1.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js-eu1.hs-scripts.com/26088573.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ced9caaa23e9a5ac8d16b8f13a21e04545ca796e48eb036437165db33e19a32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c4a4bcf4-1a99-4c1a-b314-c0cb3d461c1c
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c4a4bcf4-1a99-4c1a-b314-c0cb3d461c1c
last-modified
Wed, 04 Oct 2023 06:36:23 GMT
server
cloudflare
x-trace
2B17590EAE9DF418D432C9756612F2584926B8A862000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-86f46d6c7b-vmxl5
cf-ray
810b6bf5ab4592a2-FRA
js
www.googletagmanager.com/gtag/
266 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MF9NP2JYC7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBT2ZSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
116c54c27a610ba4d4e46d8e9e202f01a9a28ef7a27d405c9f2f13c9cb5e4e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91440
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Oct 2023 06:38:23 GMT
spacesword-low.woff2
static.hsappstatic.net/icons/static-2.553/fonts/ Frame 2679
48 KB
49 KB
Font
General
Full URL
https://static.hsappstatic.net/icons/static-2.553/fonts/spacesword-low.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1d1f3ed6e0638733eb5f3abf747f4663657298c84eac1c8e0ede3b6f1b329a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
PYmj0J0nTDmEZ8q2Vi2NgqgSGMQEV4uS
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
66222
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
49040
last-modified
Thu, 21 Sep 2023 19:53:51 GMT
server
cloudflare
etag
"417e2ac8be1ffde577afc2d6afa0bb00"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2N2Z9GEiJGfpy3SY3AWfVfZfoEMZtXHo24%2F5tEiHcbfZi2twP9%2FFLrGPvbS%2BGq%2F5b99bbEna%2FbKpx4Rm9pH6i0CgeRWc8sTgdc3gFF0%2FTVo6TeP97X8bdxzbPRVavAHCuNhVM7%2BkIeimQokvQtMzbh69Ak%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
810b6bf57dca926d-FRA
x-amz-cf-id
KpB3heSw2gXZRN--HbRbvSRQbxQhkeIm4jI4VqKhZouDulr8wwRvKA==
expires
Thu, 03 Oct 2024 06:38:23 GMT
LexendDeca-Light.woff2
static.hsappstatic.net/ui-fonts/static-1.309/fonts/ Frame 2679
28 KB
29 KB
Font
General
Full URL
https://static.hsappstatic.net/ui-fonts/static-1.309/fonts/LexendDeca-Light.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07659d8ab7dcada320134e744176947ca18e9e1cd094081764c1d0cd9af1b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
.ibX5lU57xZPrzgQ419lAV8p0GOT.jBa
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
66222
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
29088
last-modified
Fri, 29 Sep 2023 15:59:24 GMT
server
cloudflare
etag
"f4369286388c3db9746601597e9ddb27"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12pbCOCHph5pb5UOEc9a3VenQnu9k6yt1pOM9x6QYp39nXF1lc%2F%2FOy%2FI4mxo6nW8PwNrFtARMwHYPVWO80MQsrs7NhAudRXdjxJ7LY%2Fv6PnvYQieltPrFFYU2roDlcvG08HcOKIm523G%2BNLxBYtsMmAEO64%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
810b6bf57dcd926d-FRA
x-amz-cf-id
G8SQLLX-6J_w7k6rPp7HrhfuU7SCnrzCivU_crpbI5CSWqxdjJHo2Q==
expires
Thu, 03 Oct 2024 06:38:23 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame 2679
49 KB
19 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
br
via
1.1 varnish
date
Wed, 04 Oct 2023 06:38:23 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHK4NX4K4K9QMW5
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
19141
x-amz-id-2
WEfAx159XR4RnzbYfxv3P+E71JX78MxVD9dh5n1V/aneSLPm0RzfzZd8jCu1GNwsSXewbWHVAO4=
x-served-by
cache-fra-eddf8230028-FRA
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1696401504.759990,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
403
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cf637fb03b42388e3bf3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.35.249.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-249-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
099a911eb90ffdee5ab88efb3c58200b3e8c6fda8788db3e0962a15e506aba9b

Request headers

Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 04 Oct 2023 06:38:24 GMT
content-length
56
vary
Origin
content-type
application/json
bulk-get
app.hubspot.com/api/treatments/v2/ Frame
0
0
Preflight
General
Full URL
https://app.hubspot.com/api/treatments/v2/bulk-get?hs_static_app=MeetingsPublic&hs_static_app_version=1.35589&other=4c8738a0-640a-447e-80cb-d65daa283a3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://go.oligo.security
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
false
allow
POST
cf-cache-status
DYNAMIC
cf-ray
810b6bf739b56946-FRA
date
Wed, 04 Oct 2023 06:38:23 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K11d90bhaZkIxEF1igRh%2FM9MmIy4BU2KPt1mdRopUvYiWMesI2nwvkrQRgG7PY%2Fd0%2F5fcl1etl8NqmJk6duDA9QuGMt97dbEmgm9sSS7KQPunPZzIB4t42EB%2FCgBzNv99R6ASx%2BKTp7M8K5nkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-fghm2
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
2ed24bc6-d7be-4c4e-b0f6-a6690910e781
x-request-id
2ed24bc6-d7be-4c4e-b0f6-a6690910e781
x-trace
2B039FB12A0649DA53079A48D5616E8D264D05CC9D8F1449711314532F01
bulk-get
app.hubspot.com/api/treatments/v2/ Frame 2679
0
0

collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MF9NP2JYC7&gtm=45je3a20&_p=1438195969&cid=2062662130.1696401504&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696401503&sct=1&seg=0&dl=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&dt=ShellTorch%3A%20Multiple%20Critical%20Vulnerabilities%20in%20PyTorch%20Model%20Server%20(TorchServe)%20(CVSS%209.9%2C%20CVSS%209.8)%20Threatens%20Countless%20AI%20Users&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MF9NP2JYC7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 06:38:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oligo.security
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26088573.js
js-eu1.hs-scripts.com/ Frame 2679
Redirect Chain
  • https://js.hs-scripts.com/26088573.js?analyticsCommon=true
  • https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
2 KB
827 B
Script
General
Full URL
https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ba4511d2f2070aaf9d98847dfb6b345b2fe0b0803f3007e95328cf79407195
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c6eb0838-41f9-40eb-8ed7-c8b519427210
x-envoy-upstream-service-time
5
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c6eb0838-41f9-40eb-8ed7-c8b519427210
last-modified
Wed, 04 Oct 2023 06:36:24 GMT
server
cloudflare
x-trace
2B5E1FDEE54B89067C612CC5AE6B2677023179B3F3000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
cache-control
public, max-age=30
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-86f46d6c7b-qfbbp
cf-ray
810b6bf8cce792a2-FRA

Redirect headers

date
Wed, 04 Oct 2023 06:38:24 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1ae8a4f0-3d86-4dd4-ba71-f225366bafe5
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1ae8a4f0-3d86-4dd4-ba71-f225366bafe5
server
cloudflare
x-trace
2B3BC4EB08C0277A268884617F7D52E3E49D244997000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
location
https://js-eu1.hs-scripts.com/26088573.js?analyticsCommon=true
access-control-allow-origin
https://go.oligo.security
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-ztn57
cf-ray
810b6bf7ed101a49-FRA
expires
Wed, 04 Oct 2023 06:39:24 GMT
LexendDeca-Medium.woff2
static.hsappstatic.net/ui-fonts/static-1.309/fonts/ Frame 2679
29 KB
30 KB
Font
General
Full URL
https://static.hsappstatic.net/ui-fonts/static-1.309/fonts/LexendDeca-Medium.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e859a343b92d20c6a2fa4424bbdf166ea01d0f479d719823d68872d68103cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
Cdc_rYPV0q6V4FmDqH8yVHeXQP3HPn7H
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
66221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
29452
last-modified
Fri, 29 Sep 2023 15:59:24 GMT
server
cloudflare
etag
"b8a544816ba2b3956f03a168d5001e5f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beTvV%2BcOehWWF%2FZ4xOy7cHZl87eYTl3idBzVepNCjM8n9sPcrOkEJFtKovU6ezpP2NEPr7EApm4O%2Fp4rd6XGMuyN5GEM1qcTVN1bLEuaaVnJkE4GlbTXi5N%2BAQOHcLOwuhaVV%2BQyvv%2BTEm%2F1zbUHNgkH9bA%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
810b6bf7cf67926d-FRA
x-amz-cf-id
nSLK8ql2OJp9W7u3rWIN_JcLMW-Ac0xDR5auGZm0sA7UJ1DeNI3Ciw==
expires
Thu, 03 Oct 2024 06:38:23 GMT
LexendDeca-SemiBold.woff2
static.hsappstatic.net/ui-fonts/static-1.309/fonts/ Frame 2679
29 KB
30 KB
Font
General
Full URL
https://static.hsappstatic.net/ui-fonts/static-1.309/fonts/LexendDeca-SemiBold.woff2
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c036584fd4b67f626534b37eef7a19ecf8954e478e78d0329248f2286126e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project_with_deps.css
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:23 GMT
x-amz-version-id
sDQr_nKwXGn1MlAJ14aVb9M4mhRv0uZ2
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
66221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
29604
last-modified
Fri, 29 Sep 2023 15:59:24 GMT
server
cloudflare
etag
"1a6b3ef841e99bc026b66072be732cbb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brmqY7Yo2YWtXZRpksTXahUsbJZap9kR21rsdUgPJqQPeGfmOHsEFGNU9O0%2Fin9n4ZO1Ex66gfvq2BThjrJRWghlKBbqQmLWWqfdG9C3UVxSLYZDuumwCPEu5LYTtQ3YpF2YrI4aXYSdn2t%2BumbU43u5rig%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
810b6bf7cf69926d-FRA
x-amz-cf-id
BJH328NLQyNEgW-ubALPHmfgNC3m2W7M4Wvm2H8P-Y9XhBr5PIbqww==
expires
Thu, 03 Oct 2024 06:38:23 GMT
rhumb
app.hubspot.com/api/cartographer/v1/ Frame 2679
0
973 B
Ping
General
Full URL
https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=MeetingsPublic&hs_static_app_version=1.35589
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsPublic/static-1.35589/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Oct 2023 06:38:24 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
8c2e9bce-8c97-4747-8a7c-932d4c166071
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8c2e9bce-8c97-4747-8a7c-932d4c166071
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHCTHzenkH0hP6HNTMXCN01Ahv1uaqM3zyu92G9lv8DPWi4IN4k4fr%2BDG51lDy8AtdVGRB%2BpmDsaWs3nnyA3jwAVJcjNqrVzKAJx7X2X8nTITLIw%2Bluc5LpdxgGDXLeK435c8FSLhNoWPZe3zw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-bgqh8
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
810b6bf81c261d84-FRA
Guy%20Kaplan-3.jpeg
26088573.fs1.hubspotusercontent-eu1.net/hubfs/26088573/ Frame 2679
21 KB
22 KB
Image
General
Full URL
https://26088573.fs1.hubspotusercontent-eu1.net/hubfs/26088573/Guy%20Kaplan-3.jpeg
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c2ca974f28ea3c09562e4eed10da8559ded77fd2154767c95044b9d9359a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-81311623397,P-26088573,FLS-ALL
age
33032
x-amz-request-id
VRTH1B9PD9HD7RZX
x-amz-server-side-encryption
AES256
edge-cache-tag
F-81311623397,P-26088573,FLS-ALL
x-amz-replication-status
PENDING
content-disposition
inline; filename="Guy%20Kaplan-3.webp"
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
cf-bgj
imgq:85,h2pri
etag
"74b978ca65a1bd5fb70fae5b68297f66"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1696367898261
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
date
Wed, 04 Oct 2023 06:38:24 GMT
via
1.1 dc341d03bd5d53f09228219aec3f44e8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
2b6Yt0ewfjSNF60xxBAWC1GFkzU0i0cG
x-amz-cf-pop
CDG50-C2
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=49715
x-cache
Miss from cloudfront
cache-tag
F-81311623397,P-26088573,FLS-ALL
x-amz-meta-index-tag
none
x-amz-storage-class
INTELLIGENT_TIERING
content-length
21062
x-amz-id-2
51nJ/hf9vQECGfbnchk80KLavICCN3Xe1xZ5fyqltrPW+y1gYD+Lwhe8EqwtaM/77HBvIEuok2c=
last-modified
Tue, 03 Oct 2023 21:18:19 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
810b6bf84c754d37-FRA
x-amz-cf-id
Uyv8knC0bLOqmZRl9RF4UUpuZ88-a-EhcPgaainbYGsG2nlqni-24w==
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=48972
accept-ranges
bytes
content-length
4862
fb.js
js-eu1.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
x-amz-version-id
MiORZOji2P27E5f3usS102mv5dcg0lYn
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
291
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=810b64de4dec5d99-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
e062e097-f1ab-4523-8d28-f02be63714a7
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e062e097-f1ab-4523-8d28-f02be63714a7
last-modified
Tue, 19 Sep 2023 08:21:28 UTC
server
cloudflare
etag
W/"1bce211846e6a6691aa314979e0a21fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-8q8m9
cf-ray
810b6bf91fb15d6b-FRA
x-amz-cf-id
V0WerMKm2SkZQ9PHPt0vmpxbg5g_t1UTcZ0ivYKabFOttmZFgR8f-w==
x-hs-target-asset
adsscriptloaderstatic/static-1.485/bundles/pixels-release.js
26088573.js
js-eu1.hs-analytics.net/analytics/1696401300000/
66 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1696401300000/26088573.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4fafc9e0adbc72b5a22faeabeb059125937e7b22bec32fd2b00cdb66c152b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
WHKKB5ZRZP7JB352
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
f7f4309d-5b69-4b3f-9c5b-27a11c4159bc
age
25
x-envoy-upstream-service-time
18
x-amz-id-2
bNSK/yldb1bagR/Xd/oDLoQGSdVxNagsLBzHWS4DzPU/9bZeBfHIKWpA33sDjv0Ht8R9l+FmRqY=
x-evy-trace-listener
listener_https
x-request-id
f7f4309d-5b69-4b3f-9c5b-27a11c4159bc
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 15 Sep 2023 18:25:35 GMT
server
cloudflare
etag
W/"55a82ecf7e58c9be777cf4a1afcef290"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-6bfd96c9d5-gdvn9
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
810b6bf84e7a1c36-FRA
expires
Wed, 04 Oct 2023 06:42:59 GMT
collectedforms.js
js-eu1.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oligo.security/
Origin
https://www.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
age
353
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.425/bundles/project.js&cfRay=810b635d4caf2be6-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"526bb173ed1384afadfc2b0eb6b0846e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.425/bundles/project.js
date
Wed, 04 Oct 2023 06:38:24 GMT
x-amz-version-id
99Y.E0UsJAdqqpubte3vKq3r2MOVQh4K
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
x-hubspot-correlation-id
d7db1645-0b52-44fe-a1c5-eb5103f7aac5
x-cache
Miss from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
268
x-evy-trace-route-configuration
listener_https/all
x-request-id
d7db1645-0b52-44fe-a1c5-eb5103f7aac5
last-modified
Fri, 22 Sep 2023 08:42:59 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-49p9l
cf-ray
810b6bf84b6d2bb4-FRA
x-amz-cf-id
_IEHiduG6oj9nvhifkeg-Ma-l3IBbiyLGKNZIl636GPEkL8_MtFcrg==
banner.js
js-eu1.hs-banner.com/v2/26088573/
66 KB
20 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/26088573/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26088573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9039f421f86b997ac1deb409454277a2b0012921e87833ba2380836aa8cfc79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
x-amz-version-id
fTts1zdouK6Yx1Q8SP6rWdjx4pwyeDa.
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
H9RQBZJTKE3GM55E
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
7b436517-b1d7-4bf9-b065-32d5ca42c1a1
age
259
x-envoy-upstream-service-time
40
x-amz-id-2
P5YOC1lAg5PEWkYOdn4pXeEfddNZfhSMD0KMOwVP9XllyRzykTJ3p21yLftkTYgkRJRyjc6ihKE=
x-evy-trace-listener
listener_https
x-request-id
7b436517-b1d7-4bf9-b065-32d5ca42c1a1
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 26 Sep 2023 20:34:49 GMT
server
cloudflare
etag
W/"435b8e52847bd072ca0ad7e85b58416e"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-55f7b4ccdf-4kqp8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
810b6bf84de49a12-FRA
expires
Wed, 04 Oct 2023 06:39:05 GMT
/
www.google.com/pagead/1p-user-list/11293028927/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11293028927/?random=1696401503584&cv=11&fst=1696399200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&frm=0&tiba=ShellTorch%3A%20Multiple%20Critical%20Vulnerabilities%20in%20PyTorch%20Model%20Server%20(TorchServe)%20(CVSS%209.9%2C%20CVSS%209.8)%20Threatens%20Countless%20AI%20Users&fmt=3&is_vtc=1&random=760704212&rmt_tld=0&ipr=y
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 06:38:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11293028927/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/11293028927/?random=1696401503584&cv=11&fst=1696399200000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&frm=0&tiba=ShellTorch%3A%20Multiple%20Critical%20Vulnerabilities%20in%20PyTorch%20Model%20Server%20(TorchServe)%20(CVSS%209.9%2C%20CVSS%209.8)%20Threatens%20Countless%20AI%20Users&fmt=3&is_vtc=1&random=760704212&rmt_tld=1&ipr=y
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Oct 2023 06:38:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f9d051f404
bam-cell.nr-data.net/1/ Frame 2679
56 B
966 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1053&ck=1&ref=https://go.oligo.security/meetings/mktg/shelltorch-briefing&be=465&fe=764&dc=634&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1696401502962,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:47,%22c%22:47,%22s%22:53,%22ce%22:69,%22rq%22:70,%22rp%22:187,%22rpe%22:191,%22dl%22:387,%22di%22:634,%22ds%22:634,%22de%22:634,%22dc%22:762,%22l%22:763,%22le%22:764%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:false,%22hublet%22:%22na1%22,%22hsOlderBrowserVersion%22:false,%22conditionalPolyfillsInstalled%22:false,%22package%22:%22MeetingsPublic%22,%22packageVersion%22:%221.35589%22,%22template%22:%22public-eu1.html.js%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22scriptStartTime%22:459,%22appStartTime%22:555.0999984741211,%22i18nTime%22:561.2999992370605,%22i18nLangLocale%22:%22en-us%22,%22i18nDateNumFormat%22:%22en-us%22,%22isNewI18nLoader%22:true,%22bookInfoFetchPreRender%22:false,%22meetingsLibVersion%22:%22static-2.32972%22,%22reactRhumbVersion%22:%221.9661%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22bookInfoHasMeetingsUser%22:true,%22calendarProvider%22:%22GOOGLE%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0%7D&jsonp=NREUM.setToken
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 06:38:24 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkBZfdjgRYHGfHE4%2F2c9wMKO42Fl1K1UhphAmASsDAQV8UiL%2B%2BcP%2BJdydY3lHFNxoxQVgFPMrmAdpyXBG%2BtFoAEePmJo7%2BuZ%2B5zS00OH3kv5c2q52IzTRv4Ax4%2B3S5UcwW5HjaYl"}],"group":"cf-nel","max_age":604800}
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
810b6bf89d7f9948-FRA
token
cdn.linkedin.oribi.io/partner/5919313/domain/oligo.security/
36 B
397 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/5919313/domain/oligo.security/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 08:03:55 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
167669
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
oayeD8gYoFFAvR_YuE0oTeMB8RJLXJGHPXgbEcYTGRAAOKqkWa9jWw==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5919313%26time%3D1696401504097%26url%3Dhttps%253A%252F%252Fwww.oligo.security%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true&...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true...
0
481 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true&liSync=true&e_ipv6=AQLdO8h1TPoPMQAAAYr5aL38DCa41z9OuBR6upr7XAha-c83ZCaXmaPL7--Z6LoUVa52RBAwzASMyw
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:25 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E2805EE26078447FB9F60F7603CD2786 Ref B: FRAEDGE1119 Ref C: 2023-10-04T06:38:25Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lor1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYG3kEpYbik+35NbGIVRA==

Redirect headers

date
Wed, 04 Oct 2023 06:38:25 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 86BA3538118C4A1AB89DD602FB42E622 Ref B: FRAEDGE1406 Ref C: 2023-10-04T06:38:25Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5919313&time=1696401504097&url=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cookiesTest=true&liSync=true&e_ipv6=AQLdO8h1TPoPMQAAAYr5aL38DCa41z9OuBR6upr7XAha-c83ZCaXmaPL7--Z6LoUVa52RBAwzASMyw
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYG3kEmBS8LZ0Fz8ROVMw==
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/
116 B
413 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26088573&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c9e26c7d-db4b-4ec1-b216-4dc8dc1cd402
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c9e26c7d-db4b-4ec1-b216-4dc8dc1cd402
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-8q8m9
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
810b6bf8ec1b2bb4-FRA
collectedforms.js
js-eu1.hscollectedforms.net/ Frame 2679
69 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.oligo.security/
Origin
https://go.oligo.security
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-encoding
br
age
23
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.425/bundles/project.js&cfRay=810b6b693ee92bdc-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"526bb173ed1384afadfc2b0eb6b0846e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.425/bundles/project.js
date
Wed, 04 Oct 2023 06:38:24 GMT
x-amz-version-id
99Y.E0UsJAdqqpubte3vKq3r2MOVQh4K
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
x-hubspot-correlation-id
1f39075a-6ffb-4e1f-91cc-fe8620b4f623
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-evy-trace-route-configuration
listener_https/all
x-request-id
1f39075a-6ffb-4e1f-91cc-fe8620b4f623
last-modified
Fri, 22 Sep 2023 08:42:59 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-8q8m9
cf-ray
810b6bf8fc2b2bb4-FRA
x-amz-cf-id
xUJzWz8t1KMf7oZ4rUUqMU-Pyf3S3VTHKAcyAT8bLpqicr1144TOgA==
banner.js
js-eu1.hs-banner.com/v2/26088573/ Frame 2679
66 KB
18 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/26088573/banner.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9039f421f86b997ac1deb409454277a2b0012921e87833ba2380836aa8cfc79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
x-amz-version-id
fTts1zdouK6Yx1Q8SP6rWdjx4pwyeDa.
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
H9RQBZJTKE3GM55E
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
7b436517-b1d7-4bf9-b065-32d5ca42c1a1
age
259
x-envoy-upstream-service-time
40
x-amz-id-2
P5YOC1lAg5PEWkYOdn4pXeEfddNZfhSMD0KMOwVP9XllyRzykTJ3p21yLftkTYgkRJRyjc6ihKE=
x-evy-trace-listener
listener_https
x-request-id
7b436517-b1d7-4bf9-b065-32d5ca42c1a1
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 26 Sep 2023 20:34:49 GMT
server
cloudflare
etag
W/"435b8e52847bd072ca0ad7e85b58416e"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-55f7b4ccdf-4kqp8
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
810b6bf8fe4a9a12-FRA
expires
Wed, 04 Oct 2023 06:39:05 GMT
common.js
js-eu1.hs-analytics.net/analytics/1696401300000/ Frame 2679
66 KB
21 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1696401300000/common.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4f146ccf173513668940810610efb89741e66e64d2448afc730ebf2955210e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YNDWQA8SHHH4XYVT
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
127e31a1-6827-4531-b2be-76fd025ba537
age
184
x-envoy-upstream-service-time
17
x-amz-id-2
+lgpmT12QdVueYe9eCuR6WjjDI4IhMill89u7qKVd80iUAAMNSsPnfDKYOHvpjqEiv/ylYQslek=
x-evy-trace-listener
listener_https
x-request-id
127e31a1-6827-4531-b2be-76fd025ba537
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 15 Sep 2023 18:02:52 GMT
server
cloudflare
etag
W/"99cb6fd04ecbaf54f12309cf14587ef7"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-6bfd96c9d5-v5rkj
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
810b6bf8ff191c36-FRA
expires
Wed, 04 Oct 2023 06:40:20 GMT
fb.js
js-eu1.hsadspixel.net/ Frame 2679
6 KB
3 KB
Script
General
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: go.oligo.security
URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
x-amz-version-id
MiORZOji2P27E5f3usS102mv5dcg0lYn
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
291
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.485/bundles/pixels-release.js&cfRay=810b64de4dec5d99-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
e062e097-f1ab-4523-8d28-f02be63714a7
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e062e097-f1ab-4523-8d28-f02be63714a7
last-modified
Tue, 19 Sep 2023 08:21:28 UTC
server
cloudflare
etag
W/"1bce211846e6a6691aa314979e0a21fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-8q8m9
cf-ray
810b6bf91fb25d6b-FRA
x-amz-cf-id
V0WerMKm2SkZQ9PHPt0vmpxbg5g_t1UTcZ0ivYKabFOttmZFgR8f-w==
x-hs-target-asset
adsscriptloaderstatic/static-1.485/bundles/pixels-release.js
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ Frame 2679
116 B
270 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26088573&utk=
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ab0c6298-8ee8-41ae-a144-28fb06f1dd9a
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ab0c6298-8ee8-41ae-a144-28fb06f1dd9a
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.oligo.security
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-797758f45b-8q8m9
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
810b6bf93c592bb4-FRA
__ptq.gif
track-eu1.hubspot.com/ Frame 2679
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=b508b6f0-e993-4775-bfee-8f4067df08ca&ft=5&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1666088104&v=1.1&a=26088573&ccu=https%3A%2F%2Fgo.oligo.security%2Fmeetings%2Fmktg%2Fshelltorch-briefing&r=https%3A%2F%2Fwww.oligo.security%2F&pu=https%3A%2F%2Fgo.oligo.security%2Fmeetings%2Fmktg%2Fshelltorch-briefing%3Fembed%3Dtrue%26parentHubspotUtk%3D38b67ef2e4c2994ae919ae1dd219a5d4%26parentPageUrl%3Dhttps%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&cts=1696401504201&vi=38b67ef2e4c2994ae919ae1dd219a5d4&nc=true&ce=false&cc=0
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fbe82191-095e-490d-a9e3-df0726fc1386
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
2
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fbe82191-095e-490d-a9e3-df0726fc1386
last-modified
Wed, 04 Oct 2023 06:38:24 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9Vzfchs727a4k9oWbYcynmBi8jEgkFPXRQaRH4srRpFSsXH0dUOJgm9fxJKykYlin40YM8ivKb2Wkk4KdbMxHQNIl1qoQIZo%2BtSEhZecNuo2ToVRuidjSu5buNkK%2BUAw0kCwiiaiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-74554d9fd-lf9gg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
810b6bf96e2f1d90-FRA
x-robots-tag
none
json
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
114 B
1 KB
XHR
General
Full URL
https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=26088573
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6db7b2c241104c68064ee3e78c314510984ab6d446e4096acca7d5e7a499522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
aaca84a3-4159-43b1-b094-17e8954ad193
content-encoding
br
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
aaca84a3-4159-43b1-b094-17e8954ad193
server
cloudflare
x-trace
2BB5AF613A2BBC157FED97ABBC76477395B11B29CD000000000000000000
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oligo.security
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-86f46d6c7b-dn7wv
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLYDvpyJTPlgR1VOnBwSvua5RtR%2Ba2eutqrQqXgHlU5lAvAE19xI8LcryRxOyFdVUHV%2FHkn3AMn6FoKVcDs%2BGDp%2B7XzogTCJPq%2Fa%2B%2BrH8P%2FP20VGxa%2Br%2F4pf8IiCbLW05Yv7CvRQWZTwRz0A0iEFfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
810b6bf96f232bfc-FRA
access-control-allow-headers
*
f9d051f404
bam-cell.nr-data.net/ins/1/ Frame 2679
0
680 B
XHR
General
Full URL
https://bam-cell.nr-data.net/ins/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1278&ck=1&ref=https://go.oligo.security/meetings/mktg/shelltorch-briefing
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 04 Oct 2023 06:38:24 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nhrekcw3Gn0QJR%2Fdb2W0CrKvaPldkIP0nC8bdx7k1jYGHqy8O9y0sUka7hAW2jkRHPxMo%2Fjr%2FqufPKL%2BtfxUETzvzzz3LihhPB9RempGWQH0pgwhBpNE1AQCjCbC14c5%2FzepRm%2BF"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin
https://go.oligo.security
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
810b6bf97e0d9948-FRA
f9d051f404
bam-cell.nr-data.net/events/1/ Frame 2679
24 B
743 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/f9d051f404?a=52238929&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=1282&ck=1&ref=https://go.oligo.security/meetings/mktg/shelltorch-briefing
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://go.oligo.security/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 04 Oct 2023 06:38:24 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://go.oligo.security
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MasO%2BXl0msSpZ89q1eAB%2FIfHTFInXTpQ2t48EDDFPNQJzaBKg%2B4viPFmw7DoDQZjaIXxj%2Bv39PB6wT%2FqwOJBUOMivx%2BTh6uruOzo2LTSQRvXLcRy9EkeqqcanwCDUCInJBv%2FTmn3"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
810b6bf99a759bf2-FRA
Content-Length
24
zi-tag.js
js.zi-scripts.com/
8 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.oligo.security
URL: https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-2.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding
br
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 13:40:23 GMT
last-modified
Mon, 24 Jul 2023 07:50:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
61084
etag
W/"4eb0c668e820abe414d19a11b92dd0fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
AU-WPhsHJ6GJcvozclPqTySd9uMpwZKnmiOMfvpaQiWVmYSCeu8pOg==
__ptq.gif
track-eu1.hubspot.com/
45 B
440 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1666088104&v=1.1&a=26088573&rcu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&pu=https%3A%2F%2Fwww.oligo.security%2Fblog%2Fshelltorch-torchserve-ssrf-vulnerability-cve-2023-43654&t=ShellTorch%3A+Multiple+Critical+Vulnerabilities+in+PyTorch+Model+Server+(TorchServe)+(CVSS+9.9%2C+CVSS+9.8)+Threatens+Countless+AI+Users&cts=1696401506111&vi=38b67ef2e4c2994ae919ae1dd219a5d4&nc=true&u=263486035.38b67ef2e4c2994ae919ae1dd219a5d4.1696401506108.1696401506108.1696401506108.1&b=263486035.1.1696401506108&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.oligo.security/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 06:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bec95d66-0810-44a4-af71-ba0fb52917ee
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bec95d66-0810-44a4-af71-ba0fb52917ee
last-modified
Wed, 04 Oct 2023 06:38:26 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on9lTeqbzv5mhLUvD63gMllyIVJsgAY0pP7P4iWBfBmy%2BaGQfuB37uTPpMONTaqxtesRVu%2F8L5vkxDd9MRGlSz6JV8e76aQWwf%2FFT44HpCiENkp7%2BMyjPI1AypEkIhgcmeWHLjPkIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-74554d9fd-lf9gg
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
810b6c05399e1d90-FRA
x-robots-tag
none
getSubscriptions
js.zi-scripts.com/unified/v1/master/
150 B
514 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-2.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
fa1b9fb4d87a7d6a10fa670941ea89b2ad48efcd52a9214fdbbb1f9d46ddd3bd

Request headers

Content-Type
application/json
Referer
https://www.oligo.security/
accept-language
de-DE,de;q=0.9
Authorization
Bearer 6e8d2b53411682427948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
visited_url
https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654

Response headers

date
Wed, 04 Oct 2023 06:38:26 GMT
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-powered-by
Express
etag
W/"96-ZwmFOL7+1j6lryxT6o61XETdpLo"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-length
150
apigw-requestid
MQ4_biNevHcEPLQ=
x-amz-cf-id
-AZ3GSBmVW40dn9EWk9-5AzbviULbqM1t4rFrrZ8RSki12gB65DoZw==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-2.fra56.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.oligo.security
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
MQ4_ZjqcPHcEPsQ=
date
Wed, 04 Oct 2023 06:38:26 GMT
vary
Access-Control-Request-Headers
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-id
FpAVCWCh54AOcKZgk1ce9KzzrdnyU739HU0juptCq7I3-Bez75qr_w==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-powered-by
Express
/
ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/
3 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8ac59a3ee67da409fb0135c449ca226162df99bad2dede3507dee05c803c8b51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
_vtok
MTc4LjE2Mi4yMDkuMTMx
_zitok
f055cb8e2de0b6ada6151696401506
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/javascript

Response headers

date
Wed, 04 Oct 2023 06:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.oligo.security
access-control-allow-credentials
true
cf-ray
810b6c097b9403f8-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
/
ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/6447dc3b5e5a158ac382ed5d/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type
Access-Control-Request-Method
GET
Origin
https://www.oligo.security
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin
https://www.oligo.security
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
810b6c088e39371b-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Oct 2023 06:38:26 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.hubspot.com
URL
https://app.hubspot.com/api/treatments/v2/bulk-get?hs_static_app=MeetingsPublic&hs_static_app_version=1.35589&other=4c8738a0-640a-447e-80cb-d65daa283a3d

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| MeetingsEmbedCode object| _hsp string| __hsUserToken object| hbspt function| $ function| jQuery function| tram object| Webflow object| dataLayer function| hj object| _hjSettings object| WebflowTools object| fsAttributes object| FsAttributes object| injectedOptions object| COOKIES_ALLOWED undefined| preferenceSet object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id object| GooglebQhCsO object| zi string| ZIProjectKey function| onYouTubeIframeAPIReady object| gaGlobal object| process function| lintrk boolean| _already_called_lintrk boolean| _hspb_loaded boolean| _hspb_ran object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug boolean| PIXELS_RAN object| enabledEventSettings object| _linkedin_data_partner_ids boolean| _hstc_ran number| expireDateTime object| zitag object| ziws

28 Cookies

Domain/Path Name / Value
.go.oligo.security/ Name: __cf_bm
Value: eSUYXfEb7oj_FsH6IKvgSTpsVb9G6P5n_o60MoAD2Ls-1696401503-0-AUtX0C7VM1ov9wQyxlMdwzFwyvvaoFbmrkUlm6GrBdN1MK4zU8RvQXxNJ+fXFp5Jh+Qqpui0fII9dh+xUc17bsU=
.go.oligo.security/ Name: __cfruid
Value: fe86364aeccfb18ba3a8d466bebae629dd96bb33-1696401503
.oligo.security/ Name: _gcl_au
Value: 1.1.938924101.1696401504
.oligo.security/ Name: _hjSessionUser_3280496
Value: eyJpZCI6ImJiODkzODY5LTc3NGUtNWZlZS05YzlhLWY5MzA4YmE1MTc2YyIsImNyZWF0ZWQiOjE2OTY0MDE1MDM2MjcsImV4aXN0aW5nIjpmYWxzZX0=
.oligo.security/ Name: _hjFirstSeen
Value: 1
.oligo.security/ Name: _hjIncludedInSessionSample_3280496
Value: 1
.oligo.security/ Name: _hjSession_3280496
Value: eyJpZCI6IjhmNTU2ZGU4LTVhNzgtNDdhNi05ZGE0LTdlMjgxZDIxZTczNCIsImNyZWF0ZWQiOjE2OTY0MDE1MDM2MjgsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.oligo.security/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.oligo.security/ Name: _ga_MF9NP2JYC7
Value: GS1.1.1696401503.1.0.1696401503.0.0.0
.oligo.security/ Name: _ga
Value: GA1.1.2062662130.1696401504
www.oligo.security/ Name: ln_or
Value: eyI1OTE5MzEzIjoiZCJ9
.nr-data.net/ Name: JSESSIONID
Value: e743858807488b1
.hubspot.com/ Name: __cf_bm
Value: 2sK72bx7oHuLGg12i8Z2F7ciU1HW6b.ZOwQpzDZphTc-1696401504-0-Abd/uwnKID7TNaE5Fb1jc3Z9UQXAZGJC3VSAHSJMQFVeAAMZP+a9futb4eaORIWTvAb+sSeyNuQKcsvcdgBXulQ=
.linkedin.com/ Name: li_sugr
Value: d6b9af60-4d9b-407f-a59c-16cacf65f53a
.linkedin.com/ Name: bcookie
Value: "v=2&06478895-c0e7-4532-8bdb-6e96fcb9586c"
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2645:u=1:x=1:i=1696401504:t=1696487904:v=2:sig=AQGc8BjVbUdcuICcqnPiNjY9yrBcSKQA"
.linkedin.com/ Name: UserMatchHistory
Value: AQLDmgU7K74rYwAAAYr5aLit9zxOHd7FXpgPx7sBCX1NL3avcU_1sJgsG59xNmjUhO0-QvCoo1v-Og
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLYkgyhqVwZSwAAAYr5aLiu-Ok_Iz7pB_HNQhcod7iMK21pydArBpqHhMkpRtZgirumzlG8ONDfgvUeP3sk7w
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231004063825f24efa6c-5943-4351-80c2-a2d1c4367118AQHKAp_fJH1aXx6pVVCwRbg5mr7-0IjO"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTY0MDE1MDU7MjswMjF3cPT+pt9rRygNUVnNVXZxQ31M3kHsa8yMxkqs2fA3tw==
.oligo.security/ Name: __hstc
Value: 263486035.38b67ef2e4c2994ae919ae1dd219a5d4.1696401506108.1696401506108.1696401506108.1
.oligo.security/ Name: hubspotutk
Value: 38b67ef2e4c2994ae919ae1dd219a5d4
.oligo.security/ Name: __hssrc
Value: 1
.oligo.security/ Name: __hssc
Value: 263486035.1.1696401506108
.www.oligo.security/ Name: _zitok
Value: f055cb8e2de0b6ada6151696401506
.zoominfo.com/ Name: __cf_bm
Value: KJJ0npgv1vKePYAJc9DInjEAeTBGvlOMwieDUGCfieg-1696401506-0-AYrITZmdgtRTcRo8evRsqxFZeZdQa/CxFc7tVEBsdFoZGRE10s/134rHxPd1jdLeKsbThTfHfpQ3yYXk3XPdufk=
.zoominfo.com/ Name: _cfuvid
Value: hIYPS0E8wR_DIdgBtqf2dEz78PENRmLDRJKu3mLs.fg-1696401506993-0-604800000

2 Console Messages

Source Level URL
Text
javascript error URL: https://go.oligo.security/meetings/mktg/shelltorch-briefing?embed=true&parentHubspotUtk=38b67ef2e4c2994ae919ae1dd219a5d4&parentPageUrl=https://www.oligo.security/blog/shelltorch-torchserve-ssrf-vulnerability-cve-2023-43654
Message:
Access to XMLHttpRequest at 'https://app.hubspot.com/api/treatments/v2/bulk-get?hs_static_app=MeetingsPublic&hs_static_app_version=1.35589&other=4c8738a0-640a-447e-80cb-d65daa283a3d' from origin 'https://go.oligo.security' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://app.hubspot.com/api/treatments/v2/bulk-get?hs_static_app=MeetingsPublic&hs_static_app_version=1.35589&other=4c8738a0-640a-447e-80cb-d65daa283a3d
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26088573.fs1.hubspotusercontent-eu1.net
api-eu1.hubapi.com
api-eu1.hubspot.com
app.hubspot.com
bam-cell.nr-data.net
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.privado.ai
content.hotjar.io
d3e54v103j8qbb.cloudfront.net
forms-eu1.hscollectedforms.net
go.oligo.security
googleads.g.doubleclick.net
js-agent.newrelic.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js.hs-scripts.com
js.zi-scripts.com
px.ads.linkedin.com
px4.ads.linkedin.com
raw.githubusercontent.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
tools.refokus.com
track-eu1.hubspot.com
uploads-ssl.webflow.com
ws.zoominfo.com
www.cdn.privado.ai
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.oligo.security
app.hubspot.com
13.107.42.14
13.32.27.21
151.101.2.137
162.247.241.2
172.65.192.122
172.65.202.201
172.65.202.85
172.65.208.22
172.65.219.229
172.65.238.60
172.65.240.166
18.66.112.109
18.66.97.37
2001:4860:4802:32::36
2600:9000:20eb:a400:2:53b2:240:93a1
2600:9000:2156:8600:14:dc98:7700:93a1
2606:4700::6810:5614
2606:4700::6810:880f
2606:4700::6810:bd59
2606:4700::6812:b05d
2606:4700::6813:9b53
2606:50c0:8002::154
2620:1ec:21::14
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a02:26f0:3500:16::215:148d
2a06:98c1:3200::90:1
2a06:98c1:3200::90:3
52.222.232.144
52.222.236.2
63.35.249.238
63.35.51.142
76.76.21.98
015192dfd4d6280eddcbe07b3a7aeec493dcc42d24421c983395baa52f3e17d9
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
099a911eb90ffdee5ab88efb3c58200b3e8c6fda8788db3e0962a15e506aba9b
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cb9836297ba0f02992e15dd3df4a6bb118b044cfd9b25e4a5b434a0966ae238
0df4fc857bad2e3d88fc90243c476e32cb19b6258da04af2ffa13549f1bcd6d5
116c54c27a610ba4d4e46d8e9e202f01a9a28ef7a27d405c9f2f13c9cb5e4e17
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776
14c678ef4d3fa28980a58adb416052ec37539fbbbd548fd4d02c10b726881de4
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
16b27d1adef67c2363ff3b3af1b8439efdf36f57fc30aed6f3f7aaa59edd31d2
199edd020f45388dd1a0eb3de4d584b7f1872428fbbf0ae11bdf0ebbc8bdfeb1
1aad639db4761313e379313bd160db8383ba569f5ad869320b399168890ba716
1b5f6a87cbf95c32bf63d3903a55530a886750b8ca02ad3548604b3cc73da2d6
1df30db67bd1142700a1d2d22015595e8f2c0ae5cdb429d10ba2404adef7d7d0
20fe0951b7926e9d868796bfa7dede123e7e6cd7d261f02b5f97ee4149c77443
21c2ca974f28ea3c09562e4eed10da8559ded77fd2154767c95044b9d9359a21
26ad2c35305cd7babe6afa8b8714dc5f24158bdf228311f130dd526bfc565fdd
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
28e859a343b92d20c6a2fa4424bbdf166ea01d0f479d719823d68872d68103cd
2c699eb55ae3fe61b3d783c8936ab1eb949c596a5c89118f703e328ede2b8308
2ced9caaa23e9a5ac8d16b8f13a21e04545ca796e48eb036437165db33e19a32
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c
36ba4511d2f2070aaf9d98847dfb6b345b2fe0b0803f3007e95328cf79407195
4422814965de8256ef5f3e608d5052400d213cd2689758377faad24342a0170d
4c5013b0c800324264ccbe5fe549f21cc08e7db884d957f40f96186493bce359
4c59568d0910e070f81e4f29256bcd83e5fa9217230e2eeb5b2f1cce66f15d0c
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
56f89b529d3ae32e7ba6175c30c1d04c7df4f4ea67bb7b5ed0f160ca87e00e1e
57a1be218332ffe88ab1757b2786ea6c193456814044ac6ca5aed7ef6e292e13
65bd183a8e6b6e87555bb7aad153c7b18c9edb58b4daba4b265345dda21a9c91
6af21092e9d6830f1b129124d2895e541aa9113c6b00bb116d184056530b16fd
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c04d4b56ef468d3121e3b201733a33eab1a4e75a590e7d26300f9a65456782e
7dc092306d243a19a04da12bf4ba5cf495be8e33623db482ac0e6e66a6634146
7e7428b0935c232cc780f01fe63950a80159bec35f820290b25fe028f969124b
868385136db19634b12e72ae4946e43be29442939b17855af53d3e34322227a4
8ac59a3ee67da409fb0135c449ca226162df99bad2dede3507dee05c803c8b51
9039f421f86b997ac1deb409454277a2b0012921e87833ba2380836aa8cfc79f
91a3ed526e58ba6845c3ceebaeba0095c76e9ea6c5b2ce1e174aa3603589a4aa
966f96ad4d511b3b134817e612cd8efa16d4ba693dacb7bba5522807d664c078
9cd37aff479dfe3129e5c92fdead3c12b20a3c22437f84b60889b0b89dcd3a4d
a17dafd72b90f331e2c2b39725103c86e28f248432afe0eca3367a403192f9af
a1dc4a796af05ac1a4ed5cf70464b42c6d20ddb031b7fd5acd2b1903a4da4318
a6db7b2c241104c68064ee3e78c314510984ab6d446e4096acca7d5e7a499522
a729bf8c024d5760c02ecaba0804fce0c8256bcba9b507a3bfc528a9a366d6ac
a906213da48e61ce93ef61ee36def14e7bdae38449e1de2fe35306eac10eefd1
abb67ec9baf00b771641b3e783f5511c58621d346ee890fe8b82139b9d7c1005
ae4b092c1ee3b5a9b2d85c4b73643ce9ff33baf091f0c457b227552194aab516
b052ae02766f3a5f58f1c9204da57d64df5f5c01840c367cea6ec4a4568a84a9
b23f161dd93252c739990e4f867432b4edd417cfbeb878cefd3faa3ee8fff63a
b9ce9e5ab558f8774690620818b8c908516eb0973fd8d8c5890ee914e2f3dd0b
bb1d1f3ed6e0638733eb5f3abf747f4663657298c84eac1c8e0ede3b6f1b329a
bd4f146ccf173513668940810610efb89741e66e64d2448afc730ebf2955210e
c1c036584fd4b67f626534b37eef7a19ecf8954e478e78d0329248f2286126e7
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b
c867b00c1dbd3c7ac3af53d79d20ac9db3179579887db5bc6f4d071ab993c392
d1b5aca028dd8447199f3c06601e38f5b8aba3b29be5ccd2de504a561fed2558
d64bfd2f19b569cb9b9ad4c9f3183e097378cdc24863c0fb380d4e8dcd702b24
dc0aaecc5bd879dc1c14c28524bbdc9dd9e3254ee383156709d073b50135ba65
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e07659d8ab7dcada320134e744176947ca18e9e1cd094081764c1d0cd9af1b7e
e1e4e3cba3eeeb3ad74ae67c1f42012ebb51d8497482e5c01d404579d49c6b04
e27899241b25afca9b153d037ed6d24d5b98faf16bb279df2cbe93dd83bfd7b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e887a4e091adb3d75a4092a652fdd7cf34c979a2fb1a6c2128f34c9c51921e29
ea4fafc9e0adbc72b5a22faeabeb059125937e7b22bec32fd2b00cdb66c152b6
ee4b5e873bb745f8e12af6fe92606b65e5d706e8112af6b05f82b2a44bc9a823
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8e1a9995baf1e6cf3208860c38185eb6c78cd1a0bbda27c82b01caa1ec9ad1e
f8fb1dc8293237359c2422f574d9b9529f57c1efd83611e0174823c5c11c01d7
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fa1b9fb4d87a7d6a10fa670941ea89b2ad48efcd52a9214fdbbb1f9d46ddd3bd
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25