www.uptycs.com Open in urlscan Pro
199.60.103.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Submission: On April 16 via api (April 16th 2024, 8:09:45 pm UTC) from BY — Scanned from DE

Summary HTTP 86 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 22 domains to perform 86 HTTP transactions. The main IP is 199.60.103.30, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.uptycs.com.
TLS certificate: Issued by GTS CA 1P5 on March 16th 2024. Valid for: 3 months.

This is the only time www.uptycs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	199.60.103.30 199.60.103.30	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	35.201.125.192 35.201.125.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	96.17.22.84 96.17.22.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:ad5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6cfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	34.111.194.12 34.111.194.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	104.17.239.249 104.17.239.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.96.115 104.18.96.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.160.125 104.18.160.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
6	93.186.134.99 93.186.134.99	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
1	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20e1:bc00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	() ()
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
86	28

29 199.60.103.30 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.uptycs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.125.201.35.bc.googleusercontent.com

cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.17.22.84 (Santiago, Chile)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-22-84.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ad5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

2617658.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6cfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.194.12 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.194.111.34.bc.googleusercontent.com

ixfd2-api.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.239.249 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.96.115 (None, )

ASN13335 (CLOUDFLARENET, US)

2617658.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.160.125 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 93.186.134.99 (Italy)

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e1:bc00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	uptycs.com www.uptycs.com	581 KB
8	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4232 app.hubspot.com — Cisco Umbrella Rank: 5604 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4182 track.hubspot.com — Cisco Umbrella Rank: 2418	31 KB
7	6sc.co j.6sc.co — Cisco Umbrella Rank: 5929 c.6sc.co — Cisco Umbrella Rank: 9143 ipv6.6sc.co — Cisco Umbrella Rank: 6057 b.6sc.co — Cisco Umbrella Rank: 3901	19 KB
7	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4261 forms-na1.hsforms.com — Cisco Umbrella Rank: 6850 perf-na1.hsforms.com — Cisco Umbrella Rank: 4554	5 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 340 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com	3 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 11768 ws.zoominfo.com	29 KB
5	hubspotusercontent-na1.net 2617658.fs1.hubspotusercontent-na1.net	142 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2232	17 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 7050	3 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4586 forms.hscollectedforms.net — Cisco Umbrella Rank: 4713	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	195 KB
2	bc0a.com cdn.bc0a.com — Cisco Umbrella Rank: 13009 ixfd2-api.bc0a.com — Cisco Umbrella Rank: 17924	18 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 11894	43 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 822	17 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109	64 B
1	hs-sites.com 2617658.hs-sites.com
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	254 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4865	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3170	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2238	22 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5635	6 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3797	361 B
86	22

	Domain	Requested by
29	www.uptycs.com	www.uptycs.com js.usemessages.com
5	track.hubspot.com
5	2617658.fs1.hubspotusercontent-na1.net	www.uptycs.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	b.6sc.co
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	js.hs-banner.com	www.uptycs.com js.hs-banner.com
3	js.zi-scripts.com	www.uptycs.com js.zi-scripts.com
3	forms.hsforms.com	www.uptycs.com
2	perf-na1.hsforms.com	www.uptycs.com
2	forms-na1.hsforms.com	www.uptycs.com
2	www.googletagmanager.com	www.uptycs.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	www.clickcease.com	www.uptycs.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	www.uptycs.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	2617658.hs-sites.com	js.hubspot.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	ixfd2-api.bc0a.com	cdn.bc0a.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.hubspot.com	www.uptycs.com
1	js.usemessages.com	www.uptycs.com
1	js.hsadspixel.net	www.uptycs.com
1	js.hubspot.com	www.uptycs.com
1	js.hs-analytics.net	www.uptycs.com
1	js.hscollectedforms.net	www.uptycs.com
1	static.hsappstatic.net	www.uptycs.com
1	s7.addthis.com	www.uptycs.com
1	cdn.bc0a.com	www.uptycs.com
86	35

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
nvd.nist.gov
2617658.fs1.hubspotusercontent-na1.net
www.youtube.com

Subject Issuer	Validity	Valid
www.uptycs.com GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
cdn.bc0a.com GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
hsappstatic.net E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hscollectedforms.net E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
usemessages.com E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
ixfd-api.bc0a.com GTS CA 1D4	`2024-02-23` - `2024-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
hs-sites.com Cloudflare Inc ECC CA-3	`2024-03-10` - `2024-12-31`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
zoominfo.com E1	`2024-03-22` - `2024-06-20`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Frame ID: 0BB4078EEC2D91F1A1B5097C786EA99A
Requests: 82 HTTP requests in this frame

Frame: https://2617658.hs-sites.com/hs-web-interactive-2617658-141040881575
Frame ID: B9751FA0A307308A5E3DC985E21457C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WinRAR Vulnerability Exploitation: Decode & Bolster Protection

Detected technologies

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

99 %
HTTPS

56 %
IPv6

22
Domains

35
Subdomains

28
IPs

5
Countries

1183 kB
Transfer

2997 kB
Size

19
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-38831
Title: CVE-2023-38831

Search URL Search Domain Scan URL

URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Assets_Website_2023/Datasheets/Datasheet_EDR-XDR-Competitive-Comparison/Datasheet_EDR-XDR-Competitive-Comparison.pdf
Title: Uptycs XDR vs. The Old Way

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/uptycs/

Search URL Search Domain Scan URL

URL: https://twitter.com/uptycs?lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uptycs/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@uptycs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1713298183274%26li_adsId%3D2521663d-d502-4bbf-8b26-14b104d29c2a%26url%3Dhttps%253A%252F%252Fwww.uptycs.com%252Fblog%252Fwinrar-vulnerability-exploitation%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cookiesTest=true&liSync=true&e_ipv6=AQIBlkvgBdpy5QAAAY7oh5emXH0gE0AY2_m6HN3t384INSPPgxiggZp_FDc7Cy8CxfYbgF_21e2lVQ

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request winrar-vulnerability-exploitation Show response
www.uptycs.com/blog/ 195 KB
29 KB 930ms
802ms Document
text/html 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa6ba4aaaa19a6c3534b658a750a68d12c9cc742b940c61ee84d1191045b6b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=7200,max-age=5
cache-tag: CT-133806526071,CG-5593128451,P-2617658,CW-134517756523,CW-137251800366,CW-143390829180,CW-145789449845,CW-148704032934,E-105237096759,E-105237648739,E-105237674790,E-105237810298,E-105237812090,E-105237812106,E-105237812592,E-118532473678,E-122960336740,E-134903242311,E-148557950338,E-148558324100,MENU-134515445611,PGS-ALL,SW-0,GC-106292852859,GC-134517756932,GC-134902441270,GC-137251800404,GC-149008240508
cf-cache-status: EXPIRED
cf-ray: 8756d06e49a4a025-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Tue, 16 Apr 2024 20:09:39 GMT
edge-cache-tag: CT-133806526071,CG-5593128451,P-2617658,CW-134517756523,CW-137251800366,CW-143390829180,CW-145789449845,CW-148704032934,E-105237096759,E-105237648739,E-105237674790,E-105237810298,E-105237812090,E-105237812106,E-105237812592,E-118532473678,E-122960336740,E-134903242311,E-148557950338,E-148558324100,MENU-134515445611,PGS-ALL,SW-0,GC-106292852859,GC-134517756932,GC-134902441270,GC-137251800404,GC-149008240508
last-modified: Tue, 16 Apr 2024 09:30:10 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICozDIGL12WVIlSRbOI9Pk6MGdTIoYj6j32jxnsoFzpiDqbDTNUErd2pQnmxvY5iii%2FF9egLQqjbxchhAcVQPLLFnGbx0HfK2NiWaG4RB0HcFdx7wQcK2CIJTaFsSIZ8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3628800
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 302
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-0-9-td/envoy-proxy-78d58c8b5c-tdf78
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-7200s
x-hs-content-id: 133806526071
x-hs-hub-id: 2617658
x-hubspot-correlation-id: 67ab79f3-4488-4de9-adb3-07d6b8a3ea90
x-request-id: 67ab79f3-4488-4de9-adb3-07d6b8a3ea90

GET
H3 200 project.js Show response
www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 68ms
67ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 2954205
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRBn4Y4Pf0QaroV5F0BKdTjrJxq0%2BFNjjeY0DO0Kfy%2F6qlCXBfyeQFLg3c7u%2BKC1nl%2FrRpQsyWB6V1CD6ib1olbtbbmYgVN2plq67EVSSbw7kXGrMXq0B6HKgYXoGe3v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8756d0735938a025-FRA
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Wed, 16 Apr 2025 20:09:39 GMT

GET
H3 200 v2.js Show response
www.uptycs.com/_hcms/forms/ 482 KB
160 KB 82ms
82ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 509
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=8756c405f15468e9-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 66d8420d-81ad-4769-bdc0-0a73a39bfd9d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 66d8420d-81ad-4769-bdc0-0a73a39bfd9d
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5qRKfpB21wn7IF5ytlyOK7hHD26YoKmaEEB8uOATVBubFQomYsu9xrhvukw4E1WqoIPDyl6icdD0WhYLSmKN%2FJmNRVexVroTZaiXyqcHQyTGiWqxzAKJ6OXf04EJIdu"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-xzfkt
cf-ray: 8756d073593ba025-FRA
x-amz-cf-id: RlEjYZnhvYnQkKYji6fCcZ6KzkYxAqwrkgUKLwGvMpWuGUijsx3nbw==

GET
H2 200 autopilot_sdk.js Show response
cdn.bc0a.com/autopilot/f00000000301697/ 46 KB
16 KB 365ms
130ms Script
application/javascript 35.201.125.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bc0a.com/autopilot/f00000000301697/autopilot_sdk.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.125.201.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eef60ddfd0f1a9ed27970a3d97e6a4b14f000893172ed9deb5858f5f10e5d3ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-goog-meta-marvel_enabled: true
content-security-policy: default-src 'self' 'unsafe-inline';
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrXysh1oBDg-OuAbF5hVULA7HdYJc5jk5ARtbXySuLjAVWy5z4GtE5iFVhBk-e2t7kh9HAaA_ZXzg
x-goog-meta-sdk_canonical_host
x-goog-meta-sdk_whitelist: ixf
x-goog-stored-content-encoding: gzip
x-goog-meta-publishingdate: 2023-12-04 16:51:09
x-goog-meta-sdk_canonical_protocol
etag: "ffeedc14f92e158a51402f1f04138114"
vary: Accept-Encoding
x-goog-generation: 1701708669536076
content-language: en
access-control-allow-origin: *
x-goog-meta-custom: true
access-control-expose-headers: Content-Type
x-goog-meta-marvel_test_mode: false
cache-control: public, max-age=360
content-type: application/javascript
x-goog-meta-spa: false
expires: Tue, 16 Apr 2024 20:15:39 GMT
x-goog-meta-sdk_version: 1.5.9
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-goog-meta-sdk_account_id: f00000000301697
x-goog-meta-sdk_request_parameters_case_sensitive: false
x-goog-meta-marvel_config_consistency_custom: {"data-testmode":true,"data-customerid":"f00000000301697"}
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-marvel_customer_id
x-goog-metageneration: 3
x-goog-meta-sdk_log_level: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15630
x-goog-meta-content_only: false
last-modified: Mon, 04 Dec 2023 16:51:09 GMT
server: UploadServer
x-goog-hash: crc32c=fzuFhg==, md5=/+7cFPkuFYpRQC8fBBOBFA==
x-goog-stored-content-length: 15630
accept-ranges: bytes
x-goog-meta-disable_debug_elements: false

GET
H3 200 main.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1708496906106/Uptycs_Theme_2023/css/ 245 KB
46 KB 122ms
121ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1708496906106/Uptycs_Theme_2023/css/main.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

47f03cc6ab71a0bc759411bf942c7e4c5b3168d7a02032d515b0d3f7ae05ce43

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1838
x-amz-request-id: 15B1N1SH3YKSZ93S
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"398e3a4f92dd1c254383d41726efc6b6"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1708496906106
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: FfssNWgKUerH0TubLvL8kBz72Ji6.pVk
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: c406292f-8ff8-458b-9bbc-d44ba322c32a
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 321
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cN4A9/4u+0V+JZUOcc/XXpMc7svdZXcdB1YBjMa1IFJRwWKRYyi/RTlH0R4DWax0XmangHpvcRk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c406292f-8ff8-458b-9bbc-d44ba322c32a
last-modified: Wed, 21 Feb 2024 06:28:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4XU9LIHZw2UMokPKRDFc0Mx5dMlODtqAzMXz4mLL5Th%2BVY3JtS5ZEiQijVOaT%2Bd1%2BeU%2BZFX%2B23h4FcqnEiY7rl22T4TVeNoIVPWZ4%2ByQYZPiR%2BQsjXHz7vkTvyaV5iN"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-wvfbh
access-control-allow-credentials: false
cf-ray: 8756d073593da025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: 0JCD_fDRhZNbdZhCxGdLoEdgxs0zKpbWLSPxWg8u9KY3t5m4erEkLw==

GET
H3 200 blog.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812106/1710870266231/Uptycs_Theme_2023/css/templates/ 35 KB
9 KB 77ms
75ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812106/1710870266231/Uptycs_Theme_2023/css/templates/blog.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0129b8069a49823a5d35bf34b49b24dc6bedf3d14e3dda384c670e1cc70ac808

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1837
x-amz-request-id: S40SH1WYAX2H22C2
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"eb51320455fd73f76e559fcf687f9e3b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1710870267176
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: o7a3.XqqxlKj3z8oojZtEeBDeAybw1L6
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 87b04fe5-77aa-45f8-8287-10437f33cbd5
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 187
alt-svc: h3=":443"; ma=86400
x-amz-id-2: F8HaDpXOd3hvt5myOLYg6G/T+tzmWmh3L+GwKkYYYcBCd5xoZkRyZdvJgH+sk4iL6kFY7jjB5Nk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 87b04fe5-77aa-45f8-8287-10437f33cbd5
last-modified: Tue, 19 Mar 2024 17:44:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzI9oHN2oZTIbzBs6IVM1belSVozillXrZf7RdO%2BfzqtfOeNII27DUHV%2BiV8nVvGnAsUt3aL6VEKPEKxDvk9OIHPnmorJMkhs4kM4p2DxzfGAHS9pN%2F7dAVoinKAWiqO"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-wvfbh
access-control-allow-credentials: false
cf-ray: 8756d073593ea025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: q2x_xWK4AyEzf2TmO3q35gFMhRhjCOplsZ_tWxZECntR0LTzCvGu-g==

GET
H3 200 theme-overrides.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1709079590067/Uptycs_Theme_2023/css/ 26 KB
7 KB 71ms
70ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1709079590067/Uptycs_Theme_2023/css/theme-overrides.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1319f660ed35f54b74f6661678a888cb40450ce747a39b0e5e24e9b81a5d0362

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1838
x-amz-request-id: B4SKE0BD8DNVV46M
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a707bb5384c0548154650a004cc1af77"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1709079590967
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ISCRxcMAPyY0vnuDQDPqmcAkWXRNK_eZ
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: aca83e19-3bfb-423d-9974-d95a846fca55
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 225
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oLizgZM9nLwk0OtFpTdnGzeY8P2NBgbhl22triOLspStP2XOFqpasPEecC7oyz03lfRPpxKEZyQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: aca83e19-3bfb-423d-9974-d95a846fca55
last-modified: Wed, 28 Feb 2024 00:19:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tb8Ll7ivSRaS5ODXgN1z6YK73G8tz%2F3ibtZvefOgSYX3PyD8vhEAsH%2Fqw5RvkZag33Kbgbkp3hhF%2FpsJKWqaseRlRx0%2B76UZhgvTYUUjWKEVM4u1Bvh4biW1vXW4KhY4"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-98jll
access-control-allow-credentials: false
cf-ray: 8756d073593fa025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: o_l4wzqtS0VXzAJD_icmXqnsm7-Cx5zqbmDkMfuKvhBK_uY4rEa2cg==

GET
H3 200 uptycs-custome-style.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1710779054700/Uptycs_Theme_2023/css/ 14 KB
5 KB 62ms
61ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/118532473678/1710779054700/Uptycs_Theme_2023/css/uptycs-custome-style.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66a8b75434260e1f342f6076266eeb326b6dac3c64101c336c1d72c5b45a2159

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1838
x-amz-request-id: TMMTHBN2WNBXQVZG
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"b853fb3bb9ae7020150c29845393386f"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1710779055467
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9wv4Pljfeti7uKOyyvObrgIYPTP_djGH
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: cfaeb2ea-073c-4ab7-99d8-51a0366ed624
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 188
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LR30TiWI+9mH4+SE6/kpXE3RL5yOd0XYflomlgHiRfSNuMd46Rq/VTXg+KUBWayKfh/cRPSkdSo=
x-evy-trace-route-configuration: listener_https/all
x-request-id: cfaeb2ea-073c-4ab7-99d8-51a0366ed624
last-modified: Mon, 18 Mar 2024 16:24:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1Yn8kM3t37zXb0dK1hiJEYC7zYgQ9HhkY%2FKq92z8PyUHb0OkTnJNnv7tdFpEhMn3339HfsuGgp7ctjw3ZoNvIiJrNGWNEsIEzRswOlS2dXe%2FyZeviKmy4lww8TSpvUq"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-fmgh5
access-control-allow-credentials: false
cf-ray: 8756d0735940a025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: meq6Rdz_XqsVsa690ye4mPWw3MbCA7QTMGbaxEhygMQpAdRKZ4UCWg==

GET
H3 200 aos.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/148558324100/1701758803135/Uptycs_Theme_2023/css/aos/ 25 KB
3 KB 130ms
129ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/148558324100/1701758803135/Uptycs_Theme_2023/css/aos/aos.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1838
x-amz-request-id: Q0VHCBP0Q647CY6B
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"847da8fca8060ca1a70f976aab1210b9"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1701758803994
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: aC6KA8UZKfJhWtCTrFWyk_a9_17hKq4I
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 2e2cf8e3-3a8f-45fa-9fc2-553c2a9074ec
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 204
alt-svc: h3=":443"; ma=86400
x-amz-id-2: W60xRW3kNO+RC6tPwI2ZjX8TUKuBrhdQKcEh0WKDmGQ9oZay6J4z53qd6hE+Uz+CxAG+RdoTKlg=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2e2cf8e3-3a8f-45fa-9fc2-553c2a9074ec
last-modified: Tue, 05 Dec 2023 06:46:44 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8FoyFHIRC5cWGZJHVjQugsNO%2BfsNlUmU3EETbN%2BoWACTx%2FUiyfnQwqSBdg%2BhbP5E2Z54%2BLqYZqzluLYPpEG7CJ1EUxOBwhLEazuyFJ8vYXP7neJIkdqZQ4FEVDCDUZv"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-zjtxl
access-control-allow-credentials: false
cf-ray: 8756d0735941a025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: 0ChJQ5xs5c8Gai3TlbDTbAzsUTmekGdMR7IpOgrf-K_Bk1Nxape8xQ==

GET
H3 200 module_134517756523_Uptycs_-_Header_Mega_Menu.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/134517756523/1698434939553/ 51 B
1 KB 130ms
129ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/134517756523/1698434939553/module_134517756523_Uptycs_-_Header_Mega_Menu.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc3a1deb7e3828d4af18bb095b0642db6df003ed68381d53c45ab45e0cd08451

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1838
x-amz-request-id: 0YG3DY0RT3YT14J1
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"06859d41da6ec38fd3e140a223163683"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698434939553
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 c6b0d1d85b2590c57ac754bf9e61944e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EC_EqvUpCxI.SrQOFeBdjJesg8rRhyRB
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 125af631-1ec4-4d98-bf62-47b27007d7f4
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 160
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WidLJvLnNok38tEl7wDXd84a3+tAQUg1Qwicd88b6t3mBJDb2F1zglx18FDfhsZ+pOMWn95iEm4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 125af631-1ec4-4d98-bf62-47b27007d7f4
last-modified: Fri, 27 Oct 2023 19:29:00 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOFwUSk96ak%2FKrYZmHYUu7%2F0Q1f%2Bp44TK8pcJryDqj60Nm6%2Fsbxt8ZevBgO1lYAeKPIHlrcd158Nk8JC4xQd6Ruly%2B4QCT74SKJB26TOD2sAfzLAHVAtyYhNA7hbtfXX"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-fjwx7
access-control-allow-credentials: false
cf-ray: 8756d0735942a025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: 2XUydswpmShzq-hC39mssG9BIgAcKv3XLB5vJ4pwaxi9GLxHcfhQpQ==

GET
H3 200 module_137251800366_EXT_-_Footer_Update_New_2023.min.css
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/137251800366/1702050635467/ 343 B
2 KB 130ms
129ms Stylesheet
text/css 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/137251800366/1702050635467/module_137251800366_EXT_-_Footer_Update_New_2023.min.css

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39b04223da4b61f9443127008257c7e245bb4567f8aea02b92c61f8f9ff8c18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2375
x-amz-request-id: VMK7ENVK68809HEJ
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6a10230f5457813f9eed7bb1445a8e96"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1702050635467
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: HNTvF64VoMaMeTmata3Lf7_PSDoQqKwj
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 9c486d7d-a237-448c-976d-73fbb5283bf6
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 176
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yONK3IuoW+XfvzP6GVSGHS5k4JGa+bQJoEnyOY5nLHBI1QDsTZMs0y9FN39xC46ZFLP39JvPE3A=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9c486d7d-a237-448c-976d-73fbb5283bf6
last-modified: Fri, 08 Dec 2023 15:50:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNVwGfOcs3nfQP6Qk7G386nSMTWPsXZaPvSsliixqHx8eOUolS5MysLaMSZ67LNDgc1nSckv5d8Dnoxc23Q33ZmkIknlVdltZKSNIcA1qktF3Hp5ytb0Wu1jnkmo7mUA"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-xmkhz
access-control-allow-credentials: false
cf-ray: 8756d0735943a025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: wmE-Q4q2WUgjncNXIfNu1TuDL0l5q1_iy6il8m4WvNVwNtN3fj9z9w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
104 KB 274ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c4abe335de21d3c217464900069df441f789c7bbdacaf01502c580302882a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 20:09:39 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 1174ms
228ms Script
text/javascript 96.17.22.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.22.84 Santiago, Chile, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-22-84.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 20:09:40 GMT
server: Oracle API Gateway
opc-request-id: /97591E3DA9748479B6F350C2E3D62F98/A8C1A779999DD03BD39991DD2F4B65B5
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H3 200 Logo-2.png
www.uptycs.com/hs-fs/hubfs/ 1 KB
2 KB 69ms
68ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Logo-2.png?width=232&height=70&name=Logo-2.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c247f4f6de93c46c80e02486f424fe8688f0a7452bf075f3fc9c69787023af55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-116328200274,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1470
cf-resized: internal=ok/m q=0 n=769+0 c=0+3 v=2024.4.0 l=1470
last-modified: Fri, 19 May 2023 16:57:10 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfKsXki7rADSFPnuCVrPpta8h8HviWbuUVkP6tVMqlDQ:994f4838c3a75378da2344348501fb9a"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQ2mBJem92%2F77OddaFKNQrPEfKv%2F0UZD5npMLgnbb68UvPcVR3JyHOQDjb1rYr7nLEQpQ16XewIOQUAjTgAWhcYEb8ZQ2S2sUil%2B%2BNLVuAyubDEVIlxdLHfpT2iC3P19"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0735946a025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 KC%20Image%20500x500%20Web.webp
www.uptycs.com/hs-fs/hubfs/ 17 KB
18 KB 111ms
110ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/KC%20Image%20500x500%20Web.webp?width=500&height=500&name=KC%20Image%20500x500%20Web.webp

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec0edd8a3392894c45f5198ed0d0fca6db9ccd08876ef5f46220036769b4172

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-135617155332,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 17720
cf-resized: internal=ok/h q=0 n=27+0 c=2+0 v=2024.4.0 l=17720
last-modified: Tue, 19 Sep 2023 15:30:03 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfP8dgq6p8sG6DlxWdBZOHSCvvlNYXA11WPbRXVG9jDQ:7533e35f48ccea362e4e3a2d25f931b1"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaXPGmpV0yOsD4TuoIAoG3li4JB%2Faf%2FOA5Ety7OZvx9g%2F4ThPT1slvsS9QdUbnUVVzTI1famKY98SiBxmtepkEvewVwtlfPTgxcGQtBLS3NExosV5RFWccG7aL%2FsHAjD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d073795da025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 Logo-Shield_Padded_400x400.png
www.uptycs.com/hs-fs/hubfs/ 512 B
1 KB 88ms
86ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Logo-Shield_Padded_400x400.png?width=45&height=45&name=Logo-Shield_Padded_400x400.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5623e9b1282e7a679a484471893d725a1c7fd3f53f73acbe24d593837be53cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-98273713033,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 512
cf-resized: internal=ok/m q=0 n=792+0 c=0+3 v=2024.4.0 l=512
last-modified: Thu, 12 Jan 2023 16:51:32 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfAj9E67A2iJEGU2ctgI7XiQ2Hdc90szObOHm-ATa9DQ:9dc86353e444c47b96f3bb4939d2d633"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6D5lgnG%2F3V62AJ6qPNqRK0cHMZHp7T4kkVc5ON12I9oXD2IhQQry7CJE1jTjc3UvYV3i7ZsTmndKAqRSl5lRTo23MoVy3PsuKiisz7CaOPbR13oOG%2FCn5CZSfWnnyoP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0744a80a025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.840/ 13 KB
6 KB 265ms
32ms Script
application/javascript 2606:4700::6811:ad5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.840/embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ad5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: e_mEpsTIjne7IZWFj8MkYDmouI7jSgMC
via: 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1299393
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 01 Apr 2024 16:01:41 GMT
server: cloudflare
etag: W/"3a4474324e070674ecd017b9d44b9c99"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqHVdPbaBaXnBiWyXxCLcKcbCBo0bM8XJTcOaxMgsx5Xj7F0cZzwaUS5etAvUQaYrJniukAGvquwirlLmoq54RR4OIEX2zEbV0shiCg6gkV%2FUczTxTRKc%2Bfyn5vXJS%2Fv%2FScdN%2BdqaCMAMTzTkxF%2B%2FN5%2FPdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8756d075b8cb9735-FRA
x-amz-cf-id: uPbLZkmjrnCQRcy_jlXxA53kIIcKlWFGGfQZ_1GaMR0TsSieN4Mxjg==
expires: Wed, 16 Apr 2025 20:09:39 GMT

GET
H3 200 aos.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/148557950338/1701758865859/Uptycs_Theme_2023/js/aos/ 14 KB
6 KB 61ms
61ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/148557950338/1701758865859/Uptycs_Theme_2023/js/aos/aos.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac8d97e764db7910c1cebdfe45a86320fd20f14fdb7556e945b682924232a39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2196
x-amz-request-id: SBDC1GERDA4TXSE9
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"daca72aad96861181406f2d2ba2de78a"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1701758866154
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: irfYyu19lDhmT7dPJfMsh38gFPmjzVka
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f874c0f9-c664-4075-917b-37a2dec21cd2
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 148
alt-svc: h3=":443"; ma=86400
x-amz-id-2: I/5uroi9RCxc2ZJdJo5o67ZQhSmbTwK1LsY81lRUCHUMYEEHr0IZnq7gm+Fm7uk3VJ7NkIM/wJQ7MM6+8JyV+JEjkOom4MRRV2Herv1L6PI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: f874c0f9-c664-4075-917b-37a2dec21cd2
last-modified: Tue, 05 Dec 2023 06:47:47 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mn1AOpCQ5pfMPmHuk2Q%2BFrcnqkLc2VM3aawUYE823yXahpM2HiUcQ9Da7C48eRVJjyFqLUT6GdhJK9Vcib00ekxbEglL%2BByEAJjEgQSTG41UKh7HhnubM7JrifktnTL9"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-ffb8c87d4-n248f
access-control-allow-credentials: false
cf-ray: 8756d073c9c7a025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: WBcwXPZU-UBqojKQD7LVgFhWGr7ymWmTNDAp1jUXQ1plC4b4RlmoUQ==

GET
H3 200 code.jquery.com_jquery-1.12.4.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122960336740/1692382057809/Uptycs_Theme_2023/js/ 95 KB
36 KB 86ms
86ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/122960336740/1692382057809/Uptycs_Theme_2023/js/code.jquery.com_jquery-1.12.4.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1837
x-amz-request-id: YZ5H2R1PX4GR3XZ5
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"0fca26b5a37a66d68d0f4406976be4b5"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1692382057809
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 14d757a67b913f1bc93427e69819362c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: R5acMq48kK7Wpj.3wc80oAKICEoHfLJJ
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: a61286f3-87fb-4eb9-bec8-c99f137e51bc
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 149
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SAKIiF+RXWnALjre5AIlPMoDtV0E9Jfsq2jM7oD22j9iNC84IvV+5lcsIuJ5u+nceLk0x/6BIOzzbA3JpFWURchpojzOLebs
x-evy-trace-route-configuration: listener_https/all
x-request-id: a61286f3-87fb-4eb9-bec8-c99f137e51bc
last-modified: Fri, 18 Aug 2023 18:07:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJOzY39VD81CEfwBeLIsfb%2BY2mDJZAcuScWW%2FmYs7GXB0gt3WqojqqL6S4spUUTv0BSE5E4WTde%2BHoHriOPzG1vaJ%2FmlMvTDACoqa2sFfmI9d8EKLy35SJFQoC4x8qLZ"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-649c5bbc6c-zjtxl
access-control-allow-credentials: false
cf-ray: 8756d0744a6aa025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: XXW37j9JTtbYcwxZXWGyIOAHTaXEDe6xA85MN4OLOhdMdPLddG47gw==

GET
H3 200 main.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1704248342608/Uptycs_Theme_2023/js/ 48 KB
14 KB 63ms
61ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237812090/1704248342608/Uptycs_Theme_2023/js/main.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb50a9bde03200d57415dee62d7e53f774133db7cc583137659ee77c541d7092

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2184
x-amz-request-id: PW9KNGNWZ0MWZB8T
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"16b3ebfc3d92af4653afe7f147d2769c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1704248343074
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EqCQd1BxEjvUMqgA5OVYYGAFhbprETuW
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6836b900-a480-4e15-92ad-283cfa5b520d
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1QalBmRGXg56SteSZ+5yF1FDQhUiJw7YRr4JqnmXGJRpVy5JvS4Rq75FHjmAr8uBCy5RNm8/qmk=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6836b900-a480-4e15-92ad-283cfa5b520d
last-modified: Wed, 03 Jan 2024 02:19:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxCe4f8LrG2iGQGHdHkZWeBiGwgR5CDQyMWhCZl6s2T0oD1E2KuZf5RpHtLvtEu8Cw6uTsXdgFQBQV%2FrdDCm1xaGA%2BB%2Bsoz1Ql4T46iI%2BMoezMSuI1r7Dp8%2Fq31hmAx7"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-98jll
access-control-allow-credentials: false
cf-ray: 8756d0744a7aa025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: WOPON7EdHz_5G25W8s3ouD6l2QGzW1034X2uoknIup9V6qH0_1NWZQ==

GET
H3 200 module_145789449845_EXT_-_Request_Demo_2023_November_Modal.min.js Show response
www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/145789449845/1709052870173/ 1 KB
2 KB 75ms
73ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/module_assets/145789449845/1709052870173/module_145789449845_EXT_-_Request_Demo_2023_November_Modal.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f252e1400b1605892f7888912dfd2ce543da077c81d27a0fd1a1c679b2a8019

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 2195
x-amz-request-id: 6MNPQ82ZK4X7HARQ
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"a15243ecf9a19d19842ffbeb7bffa86c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1709052870173
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2Coi3lW1p7dEuLdoPWOknASNUywlvmPZ
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 84cf61bd-bf94-463d-93f3-6ce66bfe77af
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 218
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ET6iyyocWT/0g6OC7ypAB+0IaoXoc5xKmAeMwH/pxXBWwNxjk8O4aQY1Z76H4oUYUs5yAqiw0JeNxC7uyYk+vA==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 84cf61bd-bf94-463d-93f3-6ce66bfe77af
last-modified: Tue, 27 Feb 2024 16:54:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDS15qjwcnPRYutSzqWCA91YaY9CCNz%2BqlXQ3nlxZ1CzU6wdOUo%2BiYUYpFY9rXt%2FAUtAfY83PC1lkpU%2F7uF03ToqKs0l2TaE3iQGu%2BMva36UnmT9bD7gcUkubJczKjn0"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5c8495489f-fmgh5
access-control-allow-credentials: false
cf-ray: 8756d0744a7ea025-FRA
timing-allow-origin: www.uptycs.com
x-amz-cf-id: QABlw_FOjfr73O5VE0HJB6cYn_shflpxJs2oVoprwYGJlxgVDdUUeg==

GET
H3 200 2617658.js Show response
www.uptycs.com/hs/scriptloader/ 3 KB
1 KB 220ms
219ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/scriptloader/2617658.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

079b50a935e09e7b76aae1a90a6ffa6bd1d212c5325e5f807b43a01c7f137359

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ee3f2819-8260-4ce4-bbc9-147b9d7c6697
content-encoding: br
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ee3f2819-8260-4ce4-bbc9-147b9d7c6697
last-modified: Tue, 16 Apr 2024 20:00:16 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-697677dfc-pt5rf
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhYodX9WXaJwsE2Hl3LKGmk7qRld0vKN%2FJRT44K2B2Q6GS7sLYElyWwp3C8cqpMmZguh25ElIoGt7zp%2Bloob0fFxqoQjVCKwhU8P%2FuAGyMJaPdCTD1U2DqnIXtCJNkZe"}],"group":"cf-nel","max_age":604800}
cf-ray: 8756d0744a83a025-FRA
expires: Tue, 16 Apr 2024 20:11:09 GMT

GET
H3 200 index.js Show response
www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 12 KB
5 KB 62ms
62ms Script
application/javascript 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 2346960
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:59:57 GMT
server: cloudflare
etag: W/"5885ac5129ee80f8b7e1e228e142587d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztdksoQweYSzenHgm7vcJKOd0ga4%2BGd7XvuiHhPiYxZKO6TnIf5IQK7NCnnOqwHdpBICi4TKUOwPEgo5NjMHAWKlOOd4%2FWWV0ZXmM%2Be2CZj%2BXmV7%2FPpfxKxsywYEq8nv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8756d0744a85a025-FRA
x-amz-cf-id: LBGxxkuxmXbhcFaI-NR3fKwzXfE0BgYFZAIA9oCaZx8Z6HSTKhi43g==
expires: Wed, 16 Apr 2025 20:09:39 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5334099fe7880d9ccf2c13acdf79ed68acd9b43d4484a1bdec8b32633edb03a0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dazzed-SemiBold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
35 KB 366ms
184ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-SemiBold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1709079590067/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
age: 350544
x-amz-request-id: RMNJGSKEXNQXT5XC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "2d0d0de050f8833c2853af07a440a4ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122420
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
via: 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: IEWlA03LFNsvE9C7Xc.pkI3DfKgTQ7bF
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405778095,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35588
x-amz-id-2: xMAIdcry8SEOsAUkoLWTWq7QQCPao/XzL8ar2n8UU9dYcOAivIdZdejgc63O74D2TSfKTEPChdI=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8756d075b94d8eca-FRA
x-amz-cf-id: xX9UQyLCrJWy4x2LuUfF9HxXdttksY9xDz7n8rM_wFw2EfMkn_L-ew==

GET
H2 200 Dazzed-Regular.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
35 KB 397ms
216ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Regular.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1709079590067/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
age: 344303
x-amz-request-id: 0W1MBPXXVM79RPP4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "504d899b185471166fa525f6154e224f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122391
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
via: 1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Z950va749GesENoMyecGaQOgk36GpyAD
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405778092,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34732
x-amz-id-2: 8jbJg4jHGOhqhffN6vrhm1zWnO8jfVjbWJOHl90S1phx6VBJGWc+EeIuOihHyVgsG8uRTT62n9k=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8756d075b94e8eca-FRA
x-amz-cf-id: ZNByQESwZXhvbgBA7CaeUV-YCSiQXN0RwaN813tVqpXk63ewA6KNvg==

GET
H2 200 Dazzed-Medium.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 34 KB
35 KB 360ms
179ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Medium.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1709079590067/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
age: 354375
x-amz-request-id: 9ZQNMZ9RS1CKD04T
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "91c0cd4d25d2ea71e8826f69b4497c6c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122410
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
via: 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: A6Y2_MG70jGC4aeahpXKuceRQH2hp.YW
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405968195,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34664
x-amz-id-2: fnno/bkvHr+nj4RHDzXPDlmaJRYW3w2Nb1AkTOCFPwi4Px1RwVetiZXiFkUXQI+bFb3UZ11wzZ8=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8756d075b9508eca-FRA
x-amz-cf-id: 43_K2wtHqvEsZzao9PzpWjirj8cIw58pnuAYFFKi_bhIldIJ2vpe7A==

GET
H2 200 Dazzed-Bold.woff2
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/ 35 KB
36 KB 380ms
198ms Font
application/font-woff2 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Fonts/Dazzed-Bold.woff2
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237648739/1709079590067/Uptycs_Theme_2023/css/theme-overrides.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e120f9707942e703ef7a54d281e0f4a4027114e88e57f38909e48927029604

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/
Origin: https://www.uptycs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
age: 344303
x-amz-request-id: MGJZY3R3G245M4A1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "dec9ad669c463ebe04b667dc906e58b0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678191122320
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:39 GMT
via: 1.1 88fd4dc311317996718ed4ed98e5cbda.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: kiiOVn0Uia49V.XtbhyVQvLQlSKfVfD1
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-105405946669,FD-105405778080,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 35912
x-amz-id-2: br8KZDGiCizC1XR/T21EmOfj2aXkJeW2w6PNzto77L2eifZP4wd5iEdkgznwUJ1agtsbgmG7Q6c=
last-modified: Tue, 07 Mar 2023 12:12:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8756d075b94a8eca-FRA
x-amz-cf-id: i5rTHQ32sqS0JpcohxHb4WQVXDP7WehpXZxH4PFxMpyW0jyiHOY7dA==

GET
H3 200 Figure%201-Sep-07-2023-03-11-24-4932-PM.png
www.uptycs.com/hs-fs/hubfs/ 110 KB
111 KB 81ms
81ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Figure%201-Sep-07-2023-03-11-24-4932-PM.png?width=1999&height=1255&name=Figure%201-Sep-07-2023-03-11-24-4932-PM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e790f5441ccb1e4e94e2b96cfff2f47e0349879360c73e4f84cb76c7d3af5a37

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-133822667009,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 112508
cf-resized: internal=ok/h q=0 n=28+92 c=0+0 v=2024.4.0 l=112508
last-modified: Thu, 07 Sep 2023 15:11:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf3HmQUQBy2s6L_9QDdhqEpK67CMoXKvSfO1GzikB8DQ:bb9dd3fcc33355ea527a8cdcf4ba060c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xF26Yqqp4ESIJ6eL7c36Jx6KLtmIvpNmFbWjutrr2Fm78bkhSBZ5ViNdhulq9CbYlZ3wJVRMdfkTSTUJVf379jIWe0G7thbvMsjjn7BDY9uNgQrsAk1aGgDJuyVa4J4N"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0749b15a025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 Figure%202-Sep-07-2023-03-11-24-1792-PM.png
www.uptycs.com/hs-fs/hubfs/ 29 KB
30 KB 65ms
65ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Figure%202-Sep-07-2023-03-11-24-1792-PM.png?width=762&height=521&name=Figure%202-Sep-07-2023-03-11-24-1792-PM.png

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb477ae886e560d1b6e91c20530481d54fc3a6f3aa856be980d058a021c33ea5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-133820900274,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 29916
cf-resized: internal=ok/m q=0 n=877+0 c=1+48 v=2024.4.0 l=29916
last-modified: Thu, 07 Sep 2023 15:11:25 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfsHt61Ftl_ukf9zM0IMD9BYQ85JAt0229AcNTi-jPDQ:ba8e342d35c174de0989dbc7228be7f3"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ggcpS7Bwduy9Afby1HzhMeB3gtTm1DtsBiQxFv0qiq8wKXHq0jZPSWo%2BUP53AQM%2BoCM%2Bdox48UNG7ABEgdMoEb3ic0kr3INGf9UdFeqL46vIfxCdrrQh%2FiIJ0BZFq71"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0749b18a025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 Mastering%20Cloud%20Security%201%20Understanding%20Attack%20Paths%20and%20Risks.jpg
www.uptycs.com/hs-fs/hubfs/ 46 KB
47 KB 70ms
70ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/Mastering%20Cloud%20Security%201%20Understanding%20Attack%20Paths%20and%20Risks.jpg?width=1200&height=627&name=Mastering%20Cloud%20Security%201%20Understanding%20Attack%20Paths%20and%20Risks.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

040f64bcda95f9c547a6a18c08f0d93ea74aa3b4578d1d2ac866d982b20cbe5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-146302622577,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 46858
cf-resized: internal=ok/e q=0 n=807+0 c=9+120 v=2024.4.0 l=46858
last-modified: Mon, 20 Nov 2023 18:27:39 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf9-qpiH6X1pPtx7N8y7mN3WN91bhTDbcLfTZJyss5DQ:a5935eaeb7a2482025426a278579ec24"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yC%2FElVi%2Bi7QEphLuOwbDUOzrO6uft5FIINEI4yxQZG3tIiaIp%2BVmUFrAbcXkFnQmaI7xIZ%2FMeV429%2BPJ0Ofkck7%2FQuAy6terH4Vlnw3Z5Hzw84onH0sp6jlt4hMHiAG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0749b1aa025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 mastering-kubernetes-container-s%5B1%5D.jpg
www.uptycs.com/hs-fs/hubfs/ 19 KB
20 KB 75ms
75ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/mastering-kubernetes-container-s%5B1%5D.jpg?width=400&height=209&name=mastering-kubernetes-container-s%5B1%5D.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b074cfeebb801d02ec1a5e05e84ce4ef98399eb1345f03d0cfca97dcc4a1f42

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-152070622048,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 19760
cf-resized: internal=ok/e q=0 n=852+0 c=0+13 v=2024.4.0 l=19760
last-modified: Fri, 05 Jan 2024 17:49:39 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfYOv8Ubj1IaI6ciCxA0RCHGcX2VUWwR6oO9d4sjBODQ:e0f30ce32c7b19dbbe2f54dcb7195087"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBEpOXrR8CUUoLxlKv6nrtFtZ689uFO%2B%2FzCaQ8O4IXFTLgx9Zu2rLizY%2B%2F%2FUkWhf206JDEL%2ByCNe2pTKRW5ukgC4Y0yZEvCQyUue9PM69NGIEf0yAeHpAbJmwGUFWARb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0749b1ca025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 kevin-paige-ciso-cybersecurity-standup-podcast%5B1%5D.jpg
www.uptycs.com/hs-fs/hubfs/ 7 KB
8 KB 73ms
73ms Image
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uptycs.com/hs-fs/hubfs/kevin-paige-ciso-cybersecurity-standup-podcast%5B1%5D.jpg?width=400&height=209&name=kevin-paige-ciso-cybersecurity-standup-podcast%5B1%5D.jpg

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bff784a3bbc102dd33d8ae430ac411ec6a23cf781d621a97a5a86d68820d956

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
via: 1.1 96f7375d4633bdc30f727db82897e3b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-149004259166,P-2617658,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 7204
cf-resized: internal=ok/m q=0 n=775+0 c=9+26 v=2024.4.0 l=7204
last-modified: Thu, 07 Dec 2023 21:11:45 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfq4Y2wjB2C1fx9RPo4jTk-D-S2VUWwR6oO9d4sjBODQ:f0499c8484db913b544ecd7fa181d11c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNJwrr71oT5w%2BMbKBjXSyiz7SL5Abvkwjw%2FQvD1r9AY3erwliuVESe%2Fd9SJH7dQEw6yhP3lzp1y7XFTSTFfkrAG1ZFxOQzyoRO%2BrH%2BKuMej%2Bo154q1inxDy%2FSsD9DOdY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8756d0749b1ea025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 json Show response
www.uptycs.com/_hcms/forms/embed/v3/form/2617658/a84fa16e-d67b-4c28-b1c2-bce43902236e/ 23 KB
5 KB 205ms
204ms XHR
application/json 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/embed/v3/form/2617658/a84fa16e-d67b-4c28-b1c2-bce43902236e/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

190511b8de2cf98ac6589db93eafa17c3790ea125ddc8155cbdbb9a710105ffd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 89487590-22b5-48b7-a843-535ce3055d51
content-encoding: br
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 89487590-22b5-48b7-a843-535ce3055d51
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-glsj5
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thEFRkQZJLQjjNwLJPNm8QFklyPaYyw8%2BETMpelMlEEpob%2FPc79WHQwfDnb0dXV1xYd3BW1qlWBe58AtP0S1DWE5nFoillpwW7ouLMrCuGX0wuml7WiA62KTLyIdXrCp"}],"group":"cf-nel","max_age":604800}
cf-ray: 8756d0760ce4a025-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H3 200 json Show response
www.uptycs.com/_hcms/forms/embed/v3/form/2617658/0492e7b1-c029-4110-8042-598f482d9802/ 10 KB
4 KB 184ms
184ms XHR
application/json 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/embed/v3/form/2617658/0492e7b1-c029-4110-8042-598f482d9802/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c8c1bcaabd7a9ab8577890ad0ddbae9f7b83ad0e22dc2cc009407d0b55c9ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a0b42acb-c8e7-4dfe-b966-45524c0ef689
content-encoding: br
x-envoy-upstream-service-time: 43
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a0b42acb-c8e7-4dfe-b966-45524c0ef689
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-mqq5v
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGRH%2BRfJNwmBS1lZoah1aOy%2F1yR%2FA4td3vlV04%2F2ojpes%2B%2FsoZkpaDen4hTmM1cgdZMiSyrMiwcSrAfZKPE%2Fb6JZQeuJCpVkSbk88K19JvWVHe%2FkyrlNR8TiT5iC9hzo"}],"group":"cf-nel","max_age":604800}
cf-ray: 8756d0760ceaa025-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H3 200 json Show response
www.uptycs.com/_hcms/forms/embed/v3/form/2617658/464171ef-7766-4b86-9e48-f51bb13b325f/ 15 KB
4 KB 176ms
175ms XHR
application/json 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/forms/embed/v3/form/2617658/464171ef-7766-4b86-9e48-f51bb13b325f/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

239ae49c8d705018310a20bd6700d99c0cec7ba323d8b9e416aa39a536c5c4e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4b79e82d-e897-425b-80df-3e7b3b10879d
content-encoding: br
x-envoy-upstream-service-time: 27
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4b79e82d-e897-425b-80df-3e7b3b10879d
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-c768m
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39x11aJFzu0GIGGDDwJ2cwDndqrCoNW89%2F5DADcGmw65mN%2F9YDTMuhbNrtkluQhttK%2B4Ea3oJuJ4KLn6lwn%2BlYS%2Bd1ZOpwcV67WXbYVcF%2BIHGGJ88RjjiGx2S8enaQ%2Bl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8756d0760ceba025-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 203ms
139ms Script
application/javascript 2606:4700::6810:6cfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Origin: https://www.uptycs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=8756d07678845d99-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"020909a609cf986b4a8a88cfb577a8db"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.491/bundles/project.js
date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: _rd02ux3UWoVQsATQDf.p_LxkLPJ6umh
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 46164298-5768-4343-b332-2dad6dcce511
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-request-id: 46164298-5768-4343-b332-2dad6dcce511
last-modified: Wed, 10 Apr 2024 18:06:23 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-kgjsm
cf-ray: 8756d07678845d99-FRA
x-amz-cf-id: jYEIcwUgM8OA7jFyIWuIH8vI6bTuNR8_qz6nk6NMP5doR7eysaYa7Q==

GET
H2 200 2617658.js Show response
js.hs-banner.com/ 64 KB
17 KB 404ms
349ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5e3b46619f9fe7bf16293bb68d107fb737b4941254f8af28310adf3f1fdc17

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: iRvsFWpj50tumUXAoW_OquyNedvMA13S
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: MKRVNWPVY4GJJD68
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1fb96bd3-9500-4d77-8815-83387785ee2e
x-envoy-upstream-service-time: 35
x-amz-id-2: jj6HFsdbpJlTibdkgfVV3eai2/CExGFzZy6cxeU/ESVyYnYwb1yoBoOqj8BTmaj8VKkK2z2QszE=
x-evy-trace-listener: listener_https
x-request-id: 1fb96bd3-9500-4d77-8815-83387785ee2e
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 29 Mar 2024 16:22:32 GMT
server: cloudflare
etag: W/"599bbe919e073176c2a8221413d4edff"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6dfb9475dd-k2c5l
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8756d0766e542c21-FRA
expires: Tue, 16 Apr 2024 20:14:39 GMT

GET
H2 200 2617658.js Show response
js.hs-analytics.net/analytics/1713297900000/ 69 KB
22 KB 229ms
177ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1713297900000/2617658.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277350427e7acd72d4cfacd8abebc68c4b63b62c7ff03939ccf8d43d658b5c3f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3BK4M64MV8H5QB4B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a2c4048b-eee5-4264-9820-3ee98abc2a09
x-envoy-upstream-service-time: 50
x-amz-id-2: xezl6f+4mUxoGsDhqCo6ypcjrrlWyb4M140dN2dipKqRiXPLik/MvpU4Fplnk9T77JbCPhl7VeM=
x-evy-trace-listener: listener_https
x-request-id: a2c4048b-eee5-4264-9820-3ee98abc2a09
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 19:10:18 GMT
server: cloudflare
etag: W/"1092d84d5e109cbb2c31065293d07944"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8756d0766ccc65af-FRA
expires: Tue, 16 Apr 2024 20:14:39 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
25 KB 208ms
159ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c19b3e1b4412d65f2867422b94958aef88fb30739eb739e2c7dc2ea53dc0e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Origin: https://www.uptycs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1057/bundles/project.js&cfRay=8756d0765e668f3c-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"dd91c2fb61034a195eb738df46ca4b3a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1057/bundles/project.js
date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: 8Bjrd.XOcIxETBdGX4ErcbsqVOQTF3Nz
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: fc2322e8-837f-49e8-8455-2dd5b0681b6b
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 26
x-evy-trace-route-configuration: listener_https/all
x-request-id: fc2322e8-837f-49e8-8455-2dd5b0681b6b
last-modified: Fri, 12 Apr 2024 14:29:24 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwpZeCwI1m5EVgSC5SmOBsFjElmN0TPuI3pxsZi6eYxWaL6UvbRW3Blkoy4oQryBHYbHNSeCGTyLt1Kacsy1X0oH2p6u2HR9LfRW0nx6BE9gmLr2nR6a1C3uuYuTbHPKnTEw61pDjrl53bpp"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-275zq
cf-ray: 8756d0765e668f3c-FRA
x-amz-cf-id: kTyqtvmK03vaVTMYLoF6reY8JrCYXEU3cAn0c83NTnLp_9yPP8CZxA==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 92ms
34ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0360c12a2f39ba0f8873ab217623c352fef0d3672befb9ce5136946e537f29be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: BtO8p0y7ZopGQ_LpMP80hwfqbg3Puoq5
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 307
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.548/bundles/pixels-release.js&cfRay=8756c8f418021919-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 21f6ef3d-409f-4358-be90-da042ec61b0c
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 21f6ef3d-409f-4358-be90-da042ec61b0c
last-modified: Tue, 16 Apr 2024 13:53:51 UTC
server: cloudflare
etag: W/"854c1cae2954b4bee672fc0896af4bc9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wwmrm
cf-ray: 8756d0766af59968-FRA
x-amz-cf-id: nqFeGHiNXxChyxlucejR5nh7OKHLSRVmCm22jGLfk67peAmgboeENQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.548/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 86 KB
25 KB 94ms
37ms Script
application/javascript 2606:4700::6810:4f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/scriptloader/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4f8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31cafac9c7b9f743c27dd8dc5eaca3c0a41d926f4c6e762705c78682e0395b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
x-amz-version-id: P2QlyIDjib7YmTfsuV6tHRtmiFYiLB89
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 211
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16051/bundles/project.js&cfRay=8756cb4c9e70366d-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 19863e16-730c-4b13-978d-5abbbf4de6de
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 19863e16-730c-4b13-978d-5abbbf4de6de
last-modified: Thu, 11 Apr 2024 15:43:26 UTC
server: cloudflare
etag: W/"f6f2732f734a25219fb3857683c145d3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-275zq
cf-ray: 8756d076695003f4-FRA
x-amz-cf-id: 4VmIDp-Iop3IzX0K8ztrflJufBWpSd3hdsXo-apJj1wNxWHMmjeCzQ==
x-hs-target-asset: conversations-embed/static-1.16051/bundles/project.js

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 249ms
192ms XHR
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=2617658

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7d43ae58-a6dd-47ee-8790-91649cd202e8
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8756d0766c0237e6&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 7d43ae58-a6dd-47ee-8790-91649cd202e8
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-trtck
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8756d0766c0237e6-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 79ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FM1R8N7KP8&gtm=45je44f0v895835665za200&_p=1713298179235&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dZTQ1Zm&cid=597332691.1713298180&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&_s=1&sid=1713298179&sct=1&seg=0&dl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&dt=WinRAR%20Vulnerability%20Exploitation%3A%20Decode%20%26%20Bolster%20Protection&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1472
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FM1R8N7KP8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uptycs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 01985126470 Show response
ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000301697/ 3 KB
1 KB 116ms
57ms XHR
application/json 34.111.194.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ixfd2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000301697/01985126470?client=js_sdk&client_version=1.5.9&orig_url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&base_url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36
Requested by: Host: cdn.bc0a.com
URL: https://cdn.bc0a.com/autopilot/f00000000301697/autopilot_sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.194.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 12.194.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: d6dbfb54d184fc844246109961e438a50358d54fb353b39ecbb35e12cbf80164

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-be-pop: BRU-1-301
date: Tue, 16 Apr 2024 20:09:31 GMT
content-encoding: br
via: 1.1 google
server: bws/1.0
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 widget Show response
www.uptycs.com/_hcms/livechat/ 295 B
1 KB 193ms
192ms XHR
application/json 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/_hcms/livechat/widget?portalId=2617658&conversations-embed=static-1.16051&mobile=false&messagesUtk=a72630e21acb44578452af962f6af2d9&traceId=a72630e21acb44578452af962f6af2d9

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

573e790ed540658ffc08f3befacf918be1983ddc0a53590eb9b30b633426766f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:39 GMT
strict-transport-security: max-age=3628800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5ba5996c-ddde-44ad-bedc-a507a81c2b7b
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5ba5996c-ddde-44ad-bedc-a507a81c2b7b
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-697677dfc-drpwv
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJaba5snDA9MdnXuv6NmR6ojXrwRU3ixXkpYBIr1pYh2pwsKA8NWej36LBN0FKJOgxG%2FXr4BrVW3GNKw%2FrEZHadNQkXCnUdFl6c7HzvLsRevRIVNJ41wlxRmEr90qmbJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8756d076ce21a025-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
883 B 190ms
144ms Image
image/gif 104.17.239.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.239.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: afa00477-7a84-47b5-acad-c4f123b4423e
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: afa00477-7a84-47b5-acad-c4f123b4423e
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-8mfdp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8756d078cca04d88-FRA

GET
H2 200 Submit_arrow.svg
2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Home%20Page%20Images/ 270 B
1 KB 148ms
91ms Image
image/svg+xml 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2617658.fs1.hubspotusercontent-na1.net/hubfs/2617658/Uptycs%20Theme%20-%202023/Home%20Page%20Images/Submit_arrow.svg
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/hs-fs/hub/2617658/hub_generated/template_assets/105237096759/1708496906106/Uptycs_Theme_2023/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7775c3a94d76e47ed6bda5a404bf940ef8f710223ecdd4bfb7f48edb58925430

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
age: 343823
x-amz-request-id: 3JHKRF0E625X9X35
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"d86c78f19be3b56354776168464f274a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678357972000
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:40 GMT
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: jMw4TxEmyrDKjLRp3HsQf.dOAbMI9oJK
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-105763674949,FD-105371464374,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: 6IznKYoA6jy6L9uS/zmtg4xlRgVQy2E1Q2z35/TPAdgE1WN5OxPIk34ORByk7BxgH1G0jfD5PxPzcH4D350rLg==
last-modified: Thu, 09 Mar 2023 10:32:53 GMT
server: cloudflare
cf-ray: 8756d07a6fb05d70-FRA
x-amz-cf-id: xhGRJGjkFSBc6ytcMjAlt4FHVQFUbCBZXK_ulGbLM0raNlzBm-KpaQ==

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
537 B 177ms
167ms Image
image/gif 104.17.239.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.239.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f1fb04d5-8b03-4b24-a87b-d6c647149b25
x-envoy-upstream-service-time: 19
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f1fb04d5-8b03-4b24-a87b-d6c647149b25
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-844hl
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8756d07a2e614d88-FRA

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
538 B 209ms
208ms Image
image/gif 104.17.239.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.239.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d625c8a8-1811-46c3-a6c8-ac26c9fcf5b2
x-envoy-upstream-service-time: 40
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d625c8a8-1811-46c3-a6c8-ac26c9fcf5b2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-vzwgx
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8756d07a2e5e4d88-FRA

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
536 B 195ms
163ms Image
image/gif 104.17.239.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.239.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3287bf33-b934-4228-9dca-296f7e5e04a2
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3287bf33-b934-4228-9dca-296f7e5e04a2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-6hhpr
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8756d07b38074d88-FRA

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 1 KB
2 KB 204ms
202ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?contentIds=141040881575&portalId=2617658&currentUrl=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&contentId=133806526071

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9107b39f4b81d9c43eddf95bf023427c4d0ebf27e07d964212f149d4992b4bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: dff08ea5-4b41-4896-ac3a-38801bf901ea
content-encoding: br
x-envoy-upstream-service-time: 49
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dff08ea5-4b41-4896-ac3a-38801bf901ea
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=348tddjoYB1L9EbUkWt5KxwGZ1%2BLqHoyuqTk3WYPhitgrY5d1P6i4NFk8e%2FQmwqklHs3dJl7uTtNd2MyIVNipEssbPt0LQjXp0Su4wW5ko5g6%2BNtSSpUN5W3k9SHiItfgBDImf52Kjb9dWo1h4XUcYG%2FEsZKD263bgI%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8756d07b3c048f3c-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-l7wvp

GET
H3 200 hs-web-interactive-2617658-141040881575
2617658.hs-sites.com/ Frame B975 0
0 459ms
424ms Document
text/html 104.18.96.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2617658.hs-sites.com/hs-web-interactive-2617658-141040881575

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.96.115 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10,max-age=5
cache-tag: CT-141040881575,P-2617658,PGS-ALL,SW-0
cf-cache-status: EXPIRED
cf-ray: 8756d07b7e171c40-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Tue, 16 Apr 2024 20:09:40 GMT
edge-cache-tag: CT-141040881575,P-2617658,PGS-ALL,SW-0
last-modified: Tue, 16 Apr 2024 17:48:07 GMT
server: cloudflare
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 97
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-hs-sites-td/envoy-proxy-56c5c7b9bf-qz5rs
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-10s
x-hs-content-campaign-id: 7b44ed55-7a01-45a7-a0b3-000e74cb15ae
x-hs-content-id: 141040881575
x-hs-hub-id: 2617658
x-hubspot-correlation-id: d252e7bc-d1ff-4172-a3c6-72c295eefd3e
x-request-id: d252e7bc-d1ff-4172-a3c6-72c295eefd3e
x-robots-tag: none

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
145 B 85ms
42ms Fetch
text/plain 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 8756d07b9b98916b-FRA
content-length: 2

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
432 B 143ms
134ms XHR
application/json 2606:4700::6810:6cfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=2617658&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6cfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 07f14a14-d117-4bf2-8c5a-3ab701c4cb11
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 07f14a14-d117-4bf2-8c5a-3ab701c4cb11
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-72bsp
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8756d07b6d9f5d99-FRA

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 127ms
127ms Preflight
application/octet-stream 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.uptycs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8756d07bebea916b-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 16 Apr 2024 20:09:40 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 1
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-jg42k
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 19c12e4d-e09a-4f0b-9a3b-592f63ade326
x-request-id: 19c12e4d-e09a-4f0b-9a3b-592f63ade326

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
174 B 142ms
142ms XHR
text/plain 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/2617658.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 20da9d38-400f-41c4-98b4-53c7bd13034c
x-envoy-upstream-service-time: 16
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 20da9d38-400f-41c4-98b4-53c7bd13034c
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.uptycs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8756d07cbcbc916b-FRA

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
536 B 140ms
140ms Image
image/gif 104.17.239.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.239.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 58be5b34-2309-4cd6-a53e-3cac9155ff34
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 58be5b34-2309-4cd6-a53e-3cac9155ff34
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-6hhpr
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8756d07c49454d88-FRA

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 209ms
155ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 20:09:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 92453e8a-e7e6-4694-81c4-904ebdd3bf2a
x-envoy-upstream-service-time: 6
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 92453e8a-e7e6-4694-81c4-904ebdd3bf2a
Last-Modified: Tue, 16 Apr 2024 20:09:40 GMT
Server: cloudflare
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-xbl6g
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8756d07cdbf365b1-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
925 B 158ms
148ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=726726051&v=1.1&a=2617658&pi=133806526071&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cpi=133806526071&cgi=5593128451&lpi=133806526071&lvi=133806526071&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&t=WinRAR+Vulnerability+Exploitation%3A+Decode+%26+Bolster+Protection&cts=1713298181283&vi=bebd24343e2ed718561e5a8f320fe293&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8c9fcd63-891a-4c00-96e6-8f5ca0098a3f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8c9fcd63-891a-4c00-96e6-8f5ca0098a3f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6sznz4uMRoFbghXvcAf%2Bqe%2FBqNuK5At87MR%2FB3EW7C9Rip5GeZSrgDJguI27wsnQj03WtzIyXPwb86GdjQvGDAhYOFr5cUcglmaw%2FoqZ4tawu%2BLddOCzjfw%2BE7RWo5aa0vO0DqWh7qk2hrTSwltf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qx45m
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8756d08129a137e6-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
959 B 162ms
161ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=464171ef-7766-4b86-9e48-f51bb13b325f&fci=3b848806-0722-4949-a72e-4881906c88f1&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=726726051&v=1.1&a=2617658&pi=133806526071&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cpi=133806526071&cgi=5593128451&lpi=133806526071&lvi=133806526071&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&t=WinRAR+Vulnerability+Exploitation%3A+Decode+%26+Bolster+Protection&cts=1713298181285&vi=bebd24343e2ed718561e5a8f320fe293&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f29cd82e-bb77-4132-8b7f-6158f6175d81
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 18
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f29cd82e-bb77-4132-8b7f-6158f6175d81
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYPOhFn87YEERsLDiZYwAU7TFV1OigvKBcF6np3enXllJ3GAXtdjQYZYxXriiDdlVjCF1rYx5tTbq20ZYrMAb5C7xeY4wgmdsRd4WBEX85VBqhDpJkwgAxehzKmU7MPLE9NZTQryb%2FDc%2BWho3qnA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-q9j5k
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8756d081299e37e6-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
754 B 146ms
146ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=0492e7b1-c029-4110-8042-598f482d9802&fci=1297ca44-21d4-42ea-8deb-d6564e7b5c32&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=726726051&v=1.1&a=2617658&pi=133806526071&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cpi=133806526071&cgi=5593128451&lpi=133806526071&lvi=133806526071&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&t=WinRAR+Vulnerability+Exploitation%3A+Decode+%26+Bolster+Protection&cts=1713298181285&vi=bebd24343e2ed718561e5a8f320fe293&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 402bb73e-05b8-43e4-bff5-8f9c7ab2cd94
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 402bb73e-05b8-43e4-bff5-8f9c7ab2cd94
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bc5hJJxrpr6Dnn0F7xefojm%2FDzc3pLAsV6wTEL%2FFVvh4l7fFArGefQm83bQEXgKpvTPOQuKXslAY8FyGiyv6f%2FDRH%2F59tlnE8vk0LGMwpkxlzHLmzIft0AjAakE%2F2wkoeMWpp93vxVtC8msfSAK%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-drvpc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8756d08129a737e6-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
753 B 152ms
152ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=a84fa16e-d67b-4c28-b1c2-bce43902236e&fci=6a163c41-1de7-4bcd-9125-7dbb5e2777e0&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=726726051&v=1.1&a=2617658&pi=133806526071&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cpi=133806526071&cgi=5593128451&lpi=133806526071&lvi=133806526071&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&t=WinRAR+Vulnerability+Exploitation%3A+Decode+%26+Bolster+Protection&cts=1713298181286&vi=bebd24343e2ed718561e5a8f320fe293&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 765a0827-cd8d-4226-a012-33510bc263dd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 765a0827-cd8d-4226-a012-33510bc263dd
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQnAJEDaCmjZBU1VsXxaGJgjDB3F9esVal%2BlTS13mpXEaEmjDZKUS1LUtTCLmilPZHWBkzRl8OgiTLPE%2F%2BNn7wFaSeDcRYgD%2FNBXAZXPH0dU9Vfy6l9zUUYkL4MYdkIkF%2FP9Ut2JpK29BSWv8zxq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-tgcxw
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8756d08139b637e6-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
949 B 144ms
144ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=a84fa16e-d67b-4c28-b1c2-bce43902236e&fci=6a163c41-1de7-4bcd-9125-7dbb5e2777e0&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=726726051&v=1.1&a=2617658&pi=133806526071&ct=blog-post&ccu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cpi=133806526071&cgi=5593128451&lpi=133806526071&lvi=133806526071&lvc=en&pu=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&t=WinRAR+Vulnerability+Exploitation%3A+Decode+%26+Bolster+Protection&cts=1713298181287&vi=bebd24343e2ed718561e5a8f320fe293&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 62adfa45-7fbf-4abf-96f5-ffa1cd8108b6
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 62adfa45-7fbf-4abf-96f5-ffa1cd8108b6
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OT0OMLGsdWtXElZMB4k72C3WqhJ2DZ1PBqycXoumvqsvYnBN9TTHTTy0%2BGpkCPeXxo46ytnAcRHJkrLkK5UHKX3KlQoxFFiZjkJyZGv2woOC80qmmH5eCj3GYDbVQ3oLkTqK7ntDtGt9JSox03NM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-sc7d7
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8756d08139b837e6-FRA
x-robots-tag: none

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
922 B 242ms
141ms Image
image/gif 104.18.160.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=interactive-shown&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.160.125 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 398510d4-f0c6-4dc7-9e00-5b5aaf971279
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 398510d4-f0c6-4dc7-9e00-5b5aaf971279
last-modified: Tue, 16 Apr 2024 20:09:41 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-844hl
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8756d081e88130cc-FRA

GET
H3 200 uptycs_mark_1C_purple_rgb.png
www.uptycs.com/hubfs/ 1 KB
3 KB 70ms
70ms Other
image/webp 199.60.103.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uptycs.com/hubfs/uptycs_mark_1C_purple_rgb.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f70955abef42b5240cc184d169ec39a8984ab7039551c60b4ab6d344c58a9a55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-92827431729,P-2617658,FLS-ALL
age: 399470
x-amz-request-id: 664PRDJ7RSGQ1BT0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-92827431729,P-2617658,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="uptycs_mark_1C_purple_rgb.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "b64219261ef241570db231520c245abd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1669224579835
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 20:09:41 GMT
strict-transport-security: max-age=3628800
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: juazmubztdqvVFuMf3wUc1ybzSCPmDfV
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=3386
x-cache: RefreshHit from cloudfront
cache-tag: F-92827431729,P-2617658,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 1300
x-amz-id-2: 7GcGTTqdvnByqAQivwNFycf1JtlVMI392MyuGirKMSXCqqWT1j6tv5aDgOHssWk4NicZpoVAJbHz7Jort9I7tP10dPAvpRTu
last-modified: Wed, 23 Nov 2022 17:29:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBK77Ml35%2BlPnpDTqhShhdgsXNnzhy44rZdhIP8Bzq3OMMr01A7ilyezSP2PEp1w0oWLMFPdu2D1uKc3uAGejQKaAeqZo8zO%2Fn5jqzLXMqiIAM9IoDPgazqjDYPaRfU7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8756d081ec1da025-FRA
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: PsMGSnalp9wLLCO3C4GCD87rnYjoszSWCdLnc-nxlG3loqBkRdqLKw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 267 KB
91 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

beb07cbe2c542e6c07c095588a3a36309e98d28372113a1571090a618ebf7203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93366
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 19:40:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 20:09:43 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 102ms
55ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=1297656017.1713298183&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&dma_cps=-&dma=1&npa=1&gtm=45He44f0n81P663XDQv79163642za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 65 KB
18 KB 274ms
59ms Script
application/javascript 93.186.134.99
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.134.99 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

df4d1ff8adb72502d1b262d0a8af4c3c902ff5e37e442861f5a9fed51d75d18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 21:38:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6615b567-102f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17825
expires: Tue, 16 Apr 2024 20:09:43 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 155ms
42ms Script
application/javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P663XDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 07:42:51 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=59130
accept-ranges: bytes
content-length: 17238

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 121ms
47ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8204005ed25e30f3ee56dbad3afa3c011e12636e75decf2b1aaf22a1c326dd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:43 GMT
x-amz-version-id: jWuK40m0MUEUayB9sycJH0u7f85X3F2r
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 c2c44e18165da827386e0ed36aeea344.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 26946
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 07:02:18 GMT
server: cloudflare
etag: W/"2cd903354c7c864dbd543d268219ef1d"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8756d08cfd6eb778-AMS
x-amz-cf-id: FswDcfU6ijoa7OnM28OiQC9RrKme9lVBuyxzRBp9IxVCUSDyPixjrQ==

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 349ms
172ms Script
application/javascript 2600:9000:20e1:bc00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.uptycs.com
URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e1:bc00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 e2b1757c1d625cb5dd5e80ed880108ec.cloudfront.net (CloudFront)
date: Tue, 16 Apr 2024 20:09:44 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop: CDG50-C2
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: Idd3gMZaJUBlf6crFp8OeT9iNpN2nCtqnlN9dykIQGIIVFP_XqnXGA==

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 203 B
562 B 187ms
187ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9f894a94e52f55a8b78fbfe44ef92e9e65537a222ff93ba9fa479896064caf24

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 5d799bfd871670447419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
visited_url: https://www.uptycs.com/blog/winrar-vulnerability-exploitation

Response headers

date: Tue, 16 Apr 2024 20:09:43 GMT
via: 1.1 63fbb6ca86d02da6071a8815a63418cc.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P5
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: WVcpRgG8PHcEMmw=
server: cloudflare
etag: W/"cb-UUYE45E9er3o5pN+WPkhbhEFieE"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8756d09099bf2671-TXL
x-amz-cf-id: BSeJnFekFjNWGsuk8dlWMsBlYX0oFldH1GKlI7aikPrE-xpVluNMgg==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 527ms
485ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: WVcpPhKZvHcEPYQ=
cf-cache-status: DYNAMIC
cf-ray: 8756d08d8b1a2671-TXL
date: Tue, 16 Apr 2024 20:09:43 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 e1997deca771cb54e2886aed779bc92c.cloudfront.net (CloudFront)
x-amz-cf-id: 9TBnc7-t7DmuP31yQGg0TZU8-iptB4t7_89O8lPPNu9vBqNv4g9hqQ==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitati...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1252922%26time%3D1713298183274%26li_adsId%3D2521663d-d502-4bbf-8b26-14b104d29c2a%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitati...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitat...

0
265 B

281ms
206ms

Image
application/javascript

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cookiesTest=true&liSync=true&e_ipv6=AQIBlkvgBdpy5QAAAY7oh5emXH0gE0AY2_m6HN3t384INSPPgxiggZp_FDc7Cy8CxfYbgF_21e2lVQ
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Apr 2024 20:09:43 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 181814E10F8E46AC993D3036F64A26F9 Ref B: FRAEDGE1407 Ref C: 2024-04-16T20:09:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYWPFGsjRY0K7PdgSx5AQ==

Redirect headers

date: Tue, 16 Apr 2024 20:09:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 100318A81D4143F5A49330D996BD632A Ref B: FRAEDGE1811 Ref C: 2024-04-16T20:09:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1252922&time=1713298183274&li_adsId=2521663d-d502-4bbf-8b26-14b104d29c2a&url=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&cookiesTest=true&liSync=true&e_ipv6=AQIBlkvgBdpy5QAAAY7oh5emXH0gE0AY2_m6HN3t384INSPPgxiggZp_FDc7Cy8CxfYbgF_21e2lVQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYWPFGoQleoF0EAHs3uXg==

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 78ms
61ms XHR
text/html 93.186.134.99
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.134.99 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:43 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
317 B 128ms
26ms XHR
text/html 2a02:26f0:ab00::214:8e41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2722cb522f4fe3f0f788fb0b73cb835e95cfc60e6808e5e401f1add3d186da92

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:43 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.uptycs.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:2:240:3247::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713298183506_34901565_385404149_25_940_19_52_219";dur=1
content-length: 24
expires: Tue, 16 Apr 2024 20:09:43 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 186ms
186ms Image
image/gif 93.186.134.99
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=6e3a5eb9-255a-48f8-8771-92a21e2e3296&session=dbc25af7-992b-4767-8606-a7e3a6bb3a63&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2016%20Apr%202024%2020%3A09%3A43%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-38831%3A%20the%20WinRAR%20vulnerability%2C%20study%20its%20impact%20on%20digital%20security%20%26%20learn%20how%20cybercriminals%20exploit%20file%20extension%20spoofing%20in%20popular%20tools%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WinRAR%20Vulnerability%20Exploitation%3A%20Decode%20%26amp%3B%20Bolster%20Protection%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&pageViewId=851bc81d-de6a-491a-8b6b-00e0b2da96f0&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.134.99 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:43 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Apr 2024 20:09:43 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 185ms
185ms Image
image/gif 93.186.134.99
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=6e3a5eb9-255a-48f8-8771-92a21e2e3296&session=dbc25af7-992b-4767-8606-a7e3a6bb3a63&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2016%20Apr%202024%2020%3A09%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%227f8bd8662c3cd8304b53ece67c07c07c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2016%20Apr%202024%2020%3A09%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2016%20Apr%202024%2020%3A09%3A43%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-38831%3A%20the%20WinRAR%20vulnerability%2C%20study%20its%20impact%20on%20digital%20security%20%26%20learn%20how%20cybercriminals%20exploit%20file%20extension%20spoofing%20in%20popular%20tools%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WinRAR%20Vulnerability%20Exploitation%3A%20Decode%20%26amp%3B%20Bolster%20Protection%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&pageViewId=851bc81d-de6a-491a-8b6b-00e0b2da96f0&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.134.99 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Apr 2024 20:09:43 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 182ms
182ms Image
image/gif 93.186.134.99
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=6e3a5eb9-255a-48f8-8771-92a21e2e3296&session=dbc25af7-992b-4767-8606-a7e3a6bb3a63&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-38831%3A%20the%20WinRAR%20vulnerability%2C%20study%20its%20impact%20on%20digital%20security%20%26%20learn%20how%20cybercriminals%20exploit%20file%20extension%20spoofing%20in%20popular%20tools%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WinRAR%20Vulnerability%20Exploitation%3A%20Decode%20%26amp%3B%20Bolster%20Protection%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&pageViewId=851bc81d-de6a-491a-8b6b-00e0b2da96f0&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.134.99 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:43 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Apr 2024 20:09:43 GMT

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 86 KB
27 KB 141ms
71ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e56b8ea8620ad4338d19c01c39c349bd2e614716adff78dec000cbab05158d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1864
x-guploader-uploadid: ABPtcPrfKqJUl6fwAZhqw1kKCGKENJamgWLihLPZ2bm9CRVeznz3fOtyl4HvvE8RQaTVC9avbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Mar 2024 09:53:49 GMT
server: cloudflare
etag: W/"b53466e5475228f081a9e4df4b319aae"
x-goog-hash: crc32c=T+Sa9g==, md5=tTRm5UdSKPCBqeTfSzGarg==
x-goog-generation: 1710237229773246
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 87941
cf-ray: 8756d0922d0e049b-FRA
expires: Tue, 16 Apr 2024 20:38:40 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ 3 KB
2 KB 303ms
262ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1208181c9a414a5c9fecbb0437d747d189a22570bd95eb4ee1c1b5bb92af26f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
_vtok: MjE3LjExNC4yMTguMjQ=
_zitok: 09f8a32909365a3494051713298183
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8756d09399a8900d-FRA

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/6127ecc2d037650015c31617/ Frame 0
0 254ms
184ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6127ecc2d037650015c31617/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.uptycs.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8756d0922ddb9f11-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 20:09:44 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 197ms
197ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.uptycs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.uptycs.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8756d092ce989f11-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 20:09:44 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 396 B
695 B 164ms
164ms Fetch
application/json 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f183a02540b19ddb117ab6e690021755770b5f73784eded85066bab395c7cdab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer eb80a034af9a77c4c43d5841044feb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"18c-UDdq46tNmFhkRcWaR9URtM35s0A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.uptycs.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 8756d0940a15900d-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 191ms
190ms Image
image/gif 93.186.134.99
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=7f8bd8662c3cd8304b53ece67c07c07c&svisitor=null&visitor=6e3a5eb9-255a-48f8-8771-92a21e2e3296&session=dbc25af7-992b-4767-8606-a7e3a6bb3a63&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2016%20Apr%202024%2020%3A09%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2016%20Apr%202024%2020%3A09%3A43%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22CVE-2023-38831%3A%20the%20WinRAR%20vulnerability%2C%20study%20its%20impact%20on%20digital%20security%20%26%20learn%20how%20cybercriminals%20exploit%20file%20extension%20spoofing%20in%20popular%20tools%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WinRAR%20Vulnerability%20Exploitation%3A%20Decode%20%26amp%3B%20Bolster%20Protection%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.uptycs.com%2Fblog%2Fwinrar-vulnerability-exploitation&pageViewId=851bc81d-de6a-491a-8b6b-00e0b2da96f0&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.134.99 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 20:09:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Apr 2024 20:09:44 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 194ms
194ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.uptycs.com/blog/winrar-vulnerability-exploitation
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 20:09:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D5068040DF164947B31DEBC39597988D Ref B: FRAEDGE1811 Ref C: 2024-04-16T20:09:44Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.uptycs.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYWPFGvk9joZsqZzhJakA==

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hs-sites.com/	1969-12-31 23:59:59	Name: __cfruid Value: 99282f4ea546a4ac7a6f3b116a06c1357ac0b3c8-1713298181
.hubspot.com/	1970-01-20 19:54:59	Name: __cf_bm Value: kcVrhqhSxeplUz0ow7dnxDw_lXkf_p_lpxhB0KUY3xI-1713298181-1.0.1.1-vRmxCkgzwzphlBKN.zEXPYxYms97Eq_TG.4v2BSXryI75NPUDi0oDLhaOggVTfducqVOdwtlTixQlEeEXdvDeA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ru2n9wYvDKoBP1G0bNPS6a3aWmM731sN8a32YzLWPE0-1713298181448-0.0.1.1-604800000
.www.uptycs.com/	1970-01-20 19:54:59	Name: __cf_bm Value: cpD2L0BbDVqgQCvN8xFu5tWo4YbjThrfGIFAiZt1taY-1713298181-1.0.1.1-CJxaO_dNf1LkUIUulstu1r1s7cO9e9hV75xN7IqxBrlVndTTnz88gKvsQ9a3daxMB2zXFCeIjELCQCuBiOaQMw
.www.uptycs.com/	1969-12-31 23:59:59	Name: __cfruid Value: 6fdf76b9d9a17862001ae67c388451c9645fe629-1713298181
.hsforms.com/	1970-01-20 19:54:59	Name: __cf_bm Value: 9Ug8BxE9mAwgdPleQ7d1ymcbWlf6A8lTDH2aqqemBqc-1713298181-1.0.1.1-SCQd1mcd_FF6UGg.9oZKbqMGoZZhCfSOZ_SmVmra0LNh4MaU9Po96jnn1D0I32vnzG.48FixVSEiy4z02B05_w
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 55GOoIBF8369un2d3UodmWDA7ccaLeaYgZRZkZ7DnSE-1713298181544-0.0.1.1-604800000
www.uptycs.com/	1970-01-21 05:30:58	Name: _gd_visitor Value: 6e3a5eb9-255a-48f8-8771-92a21e2e3296
www.uptycs.com/	1970-01-20 19:55:12	Name: _gd_session Value: dbc25af7-992b-4767-8606-a7e3a6bb3a63
.linkedin.com/	1970-01-20 22:04:34	Name: li_sugr Value: b2138c22-fa28-4a8f-81df-8b9bb54e97df
.linkedin.com/	1970-01-21 04:40:34	Name: bcookie Value: "v=2&a4f46963-957b-4dc9-80f7-43e0f863034b"
.linkedin.com/	1970-01-20 19:56:24	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3205:u=1:x=1:i=1713298183:t=1713384583:v=2:sig=AQEhJ1yvTy74oxBfPVyuTIA-1PyjRSMN"
.linkedin.com/	1970-01-20 20:38:10	Name: UserMatchHistory Value: AQLLL_O20bytXAAAAY7oh5YbD7cvCkHNWi9sQ6-fteEtdCR7A9l8iOrSf-tVV3xQMbc1lve_Mu20Jw
.linkedin.com/	1970-01-20 20:38:10	Name: AnalyticsSyncHistory Value: AQLZLNILYKGYOgAAAY7oh5YbiNUgLoQNbhdHzXOPNpRNzFt8Dt5X78dMbaCT7MbhTvklF4rdlPrGAf4h-87dAw
.www.uptycs.com/	1970-01-21 04:40:34	Name: _zitok Value: 09f8a32909365a3494051713298183
.www.linkedin.com/	1970-01-21 04:40:34	Name: bscookie Value: "v=1&20240416200943e1703cda-322d-4895-8182-fc927549b193AQFh9eAzRj9J9vV1Jk2wZgNxOSEUv7bQ"
.linkedin.com/	1970-01-21 00:14:10	Name: li_gc Value: MTswOzE3MTMyOTgxODM7MjswMjGRqil1fkSh9l6qD+onW6pn+NWJR7AC7DrGnQj0jepCwA==
.zoominfo.com/	1970-01-20 19:54:59	Name: __cf_bm Value: 7BjsmHO_ZoBwX4oDuqGlgTGw9q52Mnveck7o1Kt7xkQ-1713298184-1.0.1.1-sJDZpVZ8bZLbOFwM58q_v3DvAADrPNbfU37j6UiDiuPIn446lkpc1RCqEqPYhIDgM4D58MiRuisXaYEuH22pwg
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: diBMm3PxOXjaKAsIJoh8QtOUdN9Jv3eYFMQoY35FDo0-1713298184076-0.0.1.1-604800000

98 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uptycs.com/blog/winrar-vulnerability-exploitation Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=3628800
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2617658.fs1.hubspotusercontent-na1.net
2617658.hs-sites.com
app.hubspot.com
b.6sc.co
c.6sc.co
cdn.bc0a.com
cta-service-cms2.hubspot.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
ipv6.6sc.co
ixfd2-api.bc0a.com
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
js.zi-scripts.com
pagead2.googlesyndication.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s7.addthis.com
snap.licdn.com
static.hsappstatic.net
track.hubspot.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.clickcease.com
www.googletagmanager.com
www.linkedin.com
www.uptycs.com
104.16.117.43
104.17.239.249
104.18.160.125
104.18.37.212
104.18.96.115
13.107.42.14
142.250.185.130
199.60.103.30
2001:4860:4802:34::36
2600:9000:20e1:bc00:15:a0d3:77c0:93a1
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:9284
2606:4700::6810:4f8e
2606:4700::6810:6cfe
2606:4700::6810:7574
2606:4700::6811:80ac
2606:4700::6811:ad5b
2606:4700::6811:afc9
2606:4700::6812:c07d
2620:1ec:21::14
2a00:1450:4001:831::2008
2a02:26f0:780::210:a423
2a02:26f0:ab00::214:8e41
34.111.194.12
35.201.125.192
93.186.134.99
96.17.22.84
0129b8069a49823a5d35bf34b49b24dc6bedf3d14e3dda384c670e1cc70ac808
0360c12a2f39ba0f8873ab217623c352fef0d3672befb9ce5136946e537f29be
040f64bcda95f9c547a6a18c08f0d93ea74aa3b4578d1d2ac866d982b20cbe5e
079b50a935e09e7b76aae1a90a6ffa6bd1d212c5325e5f807b43a01c7f137359
1208181c9a414a5c9fecbb0437d747d189a22570bd95eb4ee1c1b5bb92af26f4
1319f660ed35f54b74f6661678a888cb40450ce747a39b0e5e24e9b81a5d0362
190511b8de2cf98ac6589db93eafa17c3790ea125ddc8155cbdbb9a710105ffd
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1b074cfeebb801d02ec1a5e05e84ce4ef98399eb1345f03d0cfca97dcc4a1f42
1c4abe335de21d3c217464900069df441f789c7bbdacaf01502c580302882a4c
239ae49c8d705018310a20bd6700d99c0cec7ba323d8b9e416aa39a536c5c4e8
2722cb522f4fe3f0f788fb0b73cb835e95cfc60e6808e5e401f1add3d186da92
277350427e7acd72d4cfacd8abebc68c4b63b62c7ff03939ccf8d43d658b5c3f
30e56b8ea8620ad4338d19c01c39c349bd2e614716adff78dec000cbab05158d
31cafac9c7b9f743c27dd8dc5eaca3c0a41d926f4c6e762705c78682e0395b59
47f03cc6ab71a0bc759411bf942c7e4c5b3168d7a02032d515b0d3f7ae05ce43
4c19b3e1b4412d65f2867422b94958aef88fb30739eb739e2c7dc2ea53dc0e38
5334099fe7880d9ccf2c13acdf79ed68acd9b43d4484a1bdec8b32633edb03a0
5623e9b1282e7a679a484471893d725a1c7fd3f53f73acbe24d593837be53cb8
573e790ed540658ffc08f3befacf918be1983ddc0a53590eb9b30b633426766f
5a5e3b46619f9fe7bf16293bb68d107fb737b4941254f8af28310adf3f1fdc17
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
62e120f9707942e703ef7a54d281e0f4a4027114e88e57f38909e48927029604
66a8b75434260e1f342f6076266eeb326b6dac3c64101c336c1d72c5b45a2159
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
69c8c1bcaabd7a9ab8577890ad0ddbae9f7b83ad0e22dc2cc009407d0b55c9ea
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984
7775c3a94d76e47ed6bda5a404bf940ef8f710223ecdd4bfb7f48edb58925430
7bff784a3bbc102dd33d8ae430ac411ec6a23cf781d621a97a5a86d68820d956
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8ac8d97e764db7910c1cebdfe45a86320fd20f14fdb7556e945b682924232a39
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8f252e1400b1605892f7888912dfd2ce543da077c81d27a0fd1a1c679b2a8019
9107b39f4b81d9c43eddf95bf023427c4d0ebf27e07d964212f149d4992b4bae
9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1
9f894a94e52f55a8b78fbfe44ef92e9e65537a222ff93ba9fa479896064caf24
aec0edd8a3392894c45f5198ed0d0fca6db9ccd08876ef5f46220036769b4172
b48a0510a39e949184e762267407b9d7292b4fd69dcbf953b657c1e9cfc4cc61
beb07cbe2c542e6c07c095588a3a36309e98d28372113a1571090a618ebf7203
c247f4f6de93c46c80e02486f424fe8688f0a7452bf075f3fc9c69787023af55
c431b7004f2def447ab4b6b2e63e694f322c65162a22e689f91a69e391241df4
cb477ae886e560d1b6e91c20530481d54fc3a6f3aa856be980d058a021c33ea5
cb50a9bde03200d57415dee62d7e53f774133db7cc583137659ee77c541d7092
cc3a1deb7e3828d4af18bb095b0642db6df003ed68381d53c45ab45e0cd08451
d6dbfb54d184fc844246109961e438a50358d54fb353b39ecbb35e12cbf80164
daa6ba4aaaa19a6c3534b658a750a68d12c9cc742b940c61ee84d1191045b6b5
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df4d1ff8adb72502d1b262d0a8af4c3c902ff5e37e442861f5a9fed51d75d18f
e39b04223da4b61f9443127008257c7e245bb4567f8aea02b92c61f8f9ff8c18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6067dcd5dce2a3474610f14be162b671b90e8d916358d4cf324a526fb5e9ac6
e790f5441ccb1e4e94e2b96cfff2f47e0349879360c73e4f84cb76c7d3af5a37
e7d73ae35c3412dd12292590b041a66f83a14f7766041b8d523fadf78c8d7daa
eef60ddfd0f1a9ed27970a3d97e6a4b14f000893172ed9deb5858f5f10e5d3ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
f183a02540b19ddb117ab6e690021755770b5f73784eded85066bab395c7cdab
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f70955abef42b5240cc184d169ec39a8984ab7039551c60b4ab6d344c58a9a55
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
fa8204005ed25e30f3ee56dbad3afa3c011e12636e75decf2b1aaf22a1c326dd
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.uptycs.com Open in urlscan Pro 199.60.103.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

56 %IPv6

22 Domains

35 Subdomains

28 IPs

5 Countries

1183 kBTransfer

2997 kBSize

19 Cookies

9 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.uptycs.com Open in urlscan Pro
199.60.103.30 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

56 %
IPv6

22
Domains

35
Subdomains

28
IPs

5
Countries

1183 kB
Transfer

2997 kB
Size

19
Cookies

86 HTTP transactions
1 data transactions