urlscan.io logo urlscan.io
SecurityTrails logo

gtworek.com Open in urlscan Pro
52.223.52.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.convertkit-mail2.com/gku5dnezr2f5hdvrvv7frh8nol999bm/m2h7h5h842g9vzsm/aHR0cHM6Ly9ndHdvcmVrLmNvbS9tYXN0ZXJpbmctd2luZG9...
Effective URL: https://gtworek.com/mastering-windows-internals
Submission: On November 28 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 32 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is gtworek.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on November 9th 2024. Valid for: 3 months.
This is the only time gtworek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.141.222.179 16509 (AMAZON-02)
1 52.223.52.2 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
19 2600:9000:266... 16509 (AMAZON-02)
3 13.226.94.116 16509 (AMAZON-02)
6 142.251.40.227 15169 (GOOGLE)
1 18.238.80.94 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
32 8
1    3.141.222.179 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: el2.convertkit-mail2.com
click.convertkit-mail2.com
1    52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
gtworek.com
1    2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    2600:9000:266a:3600:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    13.226.94.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-116.jfk52.r.cloudfront.net
events.framer.com
6    142.251.40.227 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net
fonts.gstatic.com
1    18.238.80.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-94.jfk52.r.cloudfront.net
framerusercontent.com
1    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
20 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 25787
428 KB
6 gstatic.com
fonts.gstatic.com
111 KB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 40059
7 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
1 gtworek.com
gtworek.com
30 KB
1 convertkit-mail2.com
click.convertkit-mail2.com — Cisco Umbrella Rank: 115718
495 B
32 7
Domain Requested by
20 framerusercontent.com gtworek.com
6 fonts.gstatic.com gtworek.com
3 events.framer.com gtworek.com
events.framer.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com gtworek.com
1 gtworek.com
1 click.convertkit-mail2.com 1 redirects
32 7

This site contains links to these domains. Also see Links.

Domain
payments.gtworek.com
Subject Issuer Validity Valid
gtworek.com
ZeroSSL ECC Domain Secure Site CA		 2024-11-09 -
2025-02-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M03		 2024-11-16 -
2025-12-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gtworek.com/mastering-windows-internals
Frame ID: 44E036448154E8465F4151FE0D9964A8
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mastering Windows Internals

Page URL History Show full URLs

  1. https://click.convertkit-mail2.com/gku5dnezr2f5hdvrvv7frh8nol999bm/m2h7h5h842g9vzsm/aHR0cHM6Ly9ndHdvcmVrLmNvbS9... HTTP 302
    https://gtworek.com/mastering-windows-internals Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

8
IPs

1
Countries

684 kB
Transfer

1950 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.convertkit-mail2.com/gku5dnezr2f5hdvrvv7frh8nol999bm/m2h7h5h842g9vzsm/aHR0cHM6Ly9ndHdvcmVrLmNvbS9tYXN0ZXJpbmctd2luZG93cy1pbnRlcm5hbHM= HTTP 302
    https://gtworek.com/mastering-windows-internals Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mastering-windows-internals
gtworek.com/
Redirect Chain
  • https://click.convertkit-mail2.com/gku5dnezr2f5hdvrvv7frh8nol999bm/m2h7h5h842g9vzsm/aHR0cHM6Ly9ndHdvcmVrLmNvbS9tYXN0ZXJpbmctd2luZG93cy1pbnRlcm5hbHM=
  • https://gtworek.com/mastering-windows-internals
336 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/e6d6447 /
Resource Hash
9d3e851a5c7c0a1cf76d8c212ea2ff8ff4b253dc3fff3d417faa32e5771d03e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
30241
content-type
text/html
date
Thu, 28 Nov 2024 18:56:26 GMT
etag
"a5077699e4621c5c0f1c8a0e38a0ffdc"
last-modified
Thu, 28 Nov 2024 00:20:11 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/e6d6447
server-timing
region;desc="us-east-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="e6d6447"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Nov 2024 18:56:26 GMT
Server
nginx/1.18.0
cache-control
no-cache
location
https://gtworek.com/mastering-windows-internals
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
2717285f-b1a7-45fd-8318-6add336ab5e6
x-runtime
0.017416
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B3MNW8K7VF
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca6ee0c909a3af99bc911dd17e1153cf9e0cce7ca30068142bb560b4b59d954e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 18:56:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 18:56:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109675
x-xss-protection
0
server
Google Tag Manager
chunk-B3LQX3YV.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		654 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/chunk-B3LQX3YV.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
126d8354ccc24608a4d33915ff94f106177d049308436c3364005442618f0ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"12fcc4c1f6174ca9446b0aa96f5b4b63"
x-amz-version-id
2OEKN6UfEVlq5YrGgDdSMHqRagbCDlew
age
59309
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
n6grv4SY_dNQ_odoSYQaYEu7Z7oup7jNoHenkgsZsudqFywslQHZTg==
date
Thu, 28 Nov 2024 02:27:59 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 00:20:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="n6grv4SY_dNQ_odoSYQaYEu7Z7oup7jNoHenkgsZsudqFywslQHZTg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-JR5VT52U.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/chunk-JR5VT52U.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"8dc2caa5dfa40c0964a44a081b0b17d9"
x-amz-version-id
9RFKWMyQflOEcKG9XcfU1Y_u5MBoIVBF
age
611886
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
wrD4010_9_TWoPKxAFKJrmmXf64cAERBekP9fgYaX8p0905GuwwCsw==
date
Thu, 21 Nov 2024 16:58:22 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 16:34:28 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="wrD4010_9_TWoPKxAFKJrmmXf64cAERBekP9fgYaX8p0905GuwwCsw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-RIUMFBNJ.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/chunk-RIUMFBNJ.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
etag
"30ed32fa3444df726bb60d89113cf478"
x-amz-version-id
x.i6BezAyKI1pIb6KhvP4LMMw5EgrrBm
age
868628
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
i1-4_unb-gxfm7UQxbZYJAAgyZtmfFhkTtkLmQVPK0GtgqSRDWldXQ==
date
Mon, 18 Nov 2024 17:39:20 GMT
content-type
text/javascript
last-modified
Tue, 05 Nov 2024 16:07:52 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="i1-4_unb-gxfm7UQxbZYJAAgyZtmfFhkTtkLmQVPK0GtgqSRDWldXQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
447
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
H462Ou9gb376cbF4qIH1C4hBo2Tqcz7kUQc8j0tA-Uc.ORCHB3BM.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		208 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/H462Ou9gb376cbF4qIH1C4hBo2Tqcz7kUQc8j0tA-Uc.ORCHB3BM.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
47e2a6b0d1051916db9d872ecb982c4c581833c3d95804bf6a302498ed8c2984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"54aaddeaaa8ca0d5c07b1b1c61309fff"
x-amz-version-id
RGjn86fWgTpnTd_4YaFr5hhoEQ2nLc75
age
59309
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
0puxjChogeWkeYARB4HuZSkmiwbBfpPrlCa_k_To--3iRFiwKJmsBQ==
date
Thu, 28 Nov 2024 02:27:59 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 00:20:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="0puxjChogeWkeYARB4HuZSkmiwbBfpPrlCa_k_To--3iRFiwKJmsBQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-FC3LES64.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/chunk-FC3LES64.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
459b4d7e9a50cdfe16f94845dfa136a501dc88fcaa531ec35c90da4a49a6cb6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"cce076a03facaa3677269161212cc405"
x-amz-version-id
83fd0I8pkysFixXjD3Acf7HvOYbK94tn
age
59309
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
H7FC29ADPMLuX2SCilafNH8oToaLd1KZ2dPifo3WZyRosUfiwoAgcw==
date
Thu, 28 Nov 2024 02:27:59 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 00:20:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="H7FC29ADPMLuX2SCilafNH8oToaLd1KZ2dPifo3WZyRosUfiwoAgcw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-42U43NKG.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		44 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/chunk-42U43NKG.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
x-amz-version-id
HxwhcxJwhgCJ.Yt5w0eOUM7gdPfz6QOW
age
868627
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
A3JGsyPGwrAOfvCdT4qnHRYkzkznAb6DTPsrj1iOl4pAqMEoGKu4tg==
date
Mon, 18 Nov 2024 17:39:20 GMT
content-type
text/javascript
last-modified
Tue, 05 Nov 2024 16:07:52 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="A3JGsyPGwrAOfvCdT4qnHRYkzkznAb6DTPsrj1iOl4pAqMEoGKu4tg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
44
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-EVITQRR3.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/chunk-EVITQRR3.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3904a2afc0d8d63c8cf6fb0762a11b9261087e6d8e90c4adcd91a350bd7a49c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
etag
"47c06dd85f3059178eefd8c678df917d"
x-amz-version-id
MXfyhT7m02XSh7lR3.07.0WQELkuqEsI
age
59309
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gy-FnqbZ2-bXo3qTBp7mAosK-YryWmdJeDlWcVMY_VSutXBWZZFxEA==
date
Thu, 28 Nov 2024 02:27:59 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 00:20:09 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="gy-FnqbZ2-bXo3qTBp7mAosK-YryWmdJeDlWcVMY_VSutXBWZZFxEA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
993
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
script_main.KC523DNO.mjs
framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/5vlPzrS1FtwdPBlYvjh3ZS/script_main.KC523DNO.mjs
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ec4f0f577ebaa294f1de95377e33082ae91fd7700a78da84b70a1b37bec8d97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"7cd9e5f58180a0b179a124be3258a3f0"
x-amz-version-id
DgaWdnh9fainTcHNygmErt62rJwsBTKi
age
59309
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
HRcLU0MJO5VWQ3GGRx-Ii0b_SUQCQb-nRQUBSqNSr6bi0JxfkVuROA==
date
Thu, 28 Nov 2024 02:27:59 GMT
content-type
text/javascript
last-modified
Thu, 28 Nov 2024 00:20:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="HRcLU0MJO5VWQ3GGRx-Ii0b_SUQCQb-nRQUBSqNSr6bi0JxfkVuROA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
AES256
script
events.framer.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-116.jfk52.r.cloudfront.net
Software
/
Resource Hash
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18177
timestamp
Thu, 28 Nov 2024 18:54:29 GMT
content-encoding
gzip
x-amz-apigw-id
B-JyVHuzIAMEmEw=
x-amzn-trace-id
Root=1-6748bcdb-7d021f1432f9c6542219dac7
x-amzn-requestid
c148fff7-7536-4346-bb7f-e6b1e8c53c87
via
1.1 cc3dab704d6aa33fe47fd3b876e1228e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
6204
x-amz-cf-id
0EoOOVuguxcmjEzVZW1jpIESgdVtG7dAGEORju7pLth3rFnPSSDfVg==
date
Thu, 28 Nov 2024 18:56:27 GMT
content-type
text/javascript
x-amz-cf-pop
JFK52-P10
Ync6e67SWn8PSO7R3Ci9jJH7vKM.jpg
framerusercontent.com/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/Ync6e67SWn8PSO7R3Ci9jJH7vKM.jpg
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8681734a4f9094ffd08e1ae30133225be16c07ca82939c07972fae48d5aea563
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"720a74a2a054ee1ec4ca3f39aa170223"
age
916522
x-content-type-options
nosniff
x-amzn-requestid
b7c567ae-ee68-416a-9755-511ca6376555
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BWDsgXvOyLn3c-7j5mpD3yF7meyYD_29_z9VNJmlVg23Vyfn9ZaOXQ==
date
Mon, 18 Nov 2024 04:21:05 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="BWDsgXvOyLn3c-7j5mpD3yF7meyYD_29_z9VNJmlVg23Vyfn9ZaOXQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-673ac0af-4bae52623af82814158f7dd7;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
H0ybk7UudHX7WVqNezZw0YvUrY.png
framerusercontent.com/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/H0ybk7UudHX7WVqNezZw0YvUrY.png?scale-down-to=512
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d194cf9f3219acce24f583d07229363371772bc90315ce5af8ede6d62f790dd4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"8bd6cac557648fdc57394973e372f492"
age
817424
x-content-type-options
nosniff
x-amzn-requestid
9d6fd9e4-4dd1-49f3-a65a-9295f7d8916a
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KnEIwXYP3f0vsDiLDyYURUGWBxM5aQ05QdcsMXjs804Yc92bSIlxow==
date
Tue, 19 Nov 2024 07:52:43 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="KnEIwXYP3f0vsDiLDyYURUGWBxM5aQ05QdcsMXjs804Yc92bSIlxow==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-673c43cb-5605e97375a429041abd7718;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
DZkUMMdmhonRtoBag2gIH6c7uE4.jpg
framerusercontent.com/images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/DZkUMMdmhonRtoBag2gIH6c7uE4.jpg?scale-down-to=512
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e6a423bef680ca8d4de29a333b52bfdb2c8b87b9b44def85f719f29409a33b54
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"79e356af66b8c1088033a9ceabc08ef9"
age
4563650
x-content-type-options
nosniff
x-amzn-requestid
af64215f-19a7-4873-9fc4-aef7afd4def6
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
s5LoEsLK1JvnHIm6SFAJYuRE-6G2NroJls7EvOILnTaV-_zkO5Ksqw==
date
Sun, 06 Oct 2024 23:15:37 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="s5LoEsLK1JvnHIm6SFAJYuRE-6G2NroJls7EvOILnTaV-_zkO5Ksqw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67031a18-5372ce294d4c659c304856f8;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
D6gK0lF0LgpfuKY3PNZdQDYQncg.jpeg
framerusercontent.com/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/D6gK0lF0LgpfuKY3PNZdQDYQncg.jpeg
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
698138b71f251fc465a8760ec85939a3dbb1cda607468f4bd8730c495fcaae47
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"92ca6297f7fb9ef0fe5797d56972ae4e"
age
2802199
x-content-type-options
nosniff
x-amzn-requestid
486590c3-986b-41de-8af4-c1da258f9136
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
1QnuFZgNerghIyhRQYH47-4ithGg3DeHXiRLn-hAAPxYEYNq5Aijiw==
date
Sun, 27 Oct 2024 08:33:08 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="1QnuFZgNerghIyhRQYH47-4ithGg3DeHXiRLn-hAAPxYEYNq5Aijiw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-671dfac4-53a8f3d760520e557677a6a3;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
truncated
/ 		657 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2a05e2e2a0373c1bd991dd7efcc50d96efea83e5d7980dbdad22c7522927388

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
N0bS2SlFPv1weGeLZDtondvHnvfU.woff2
fonts.gstatic.com/s/firamono/v14/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firamono/v14/N0bS2SlFPv1weGeLZDtondvHnvfU.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
809c1b2aa822f37527027788a48b9060221726e722591b982d310a970ffe03a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

age
552503
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 09:28:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 09:28:04 GMT
last-modified
Thu, 21 Apr 2022 16:30:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17628
x-xss-protection
0
server
sffe
uU9NCBsR6Z2vfE9aq3bh3dSD.woff2
fonts.gstatic.com/s/firacode/v22/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firacode/v22/uU9NCBsR6Z2vfE9aq3bh3dSD.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
be20a5a24497870c92c642a30bdf7a126d56808de0d853c6b501e0a728783a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

age
584090
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 00:41:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 00:41:37 GMT
last-modified
Wed, 13 Sep 2023 23:22:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35600
x-xss-protection
0
server
sffe
d3tHnaQIAeqiE5hGcRw4mmgWYU.woff2
framerusercontent.com/assets/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/assets/d3tHnaQIAeqiE5hGcRw4mmgWYU.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2f1040eb66570b6eb6b943d10ca5d91fb8c6dddecac26fe8823627437291229b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
3000
etag
"09d8599d35f089f72c73ae79fbb5ef01"
x-amz-version-id
Jqk28CePMLBR_fq.NPwvEQZgshRbiTlh
age
11684601
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4eQDyEPgLAk8o9Tw-bfFOV4RTHGVn5I22jL7DY7PQDP3Gf_f2X8Cbw==
date
Tue, 16 Jul 2024 13:13:07 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:12:26 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="4eQDyEPgLAk8o9Tw-bfFOV4RTHGVn5I22jL7DY7PQDP3Gf_f2X8Cbw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
28032
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
aws:kms
N0bS2SlFPv1weGeLZDto1d3HnvfU.woff2
fonts.gstatic.com/s/firamono/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firamono/v14/N0bS2SlFPv1weGeLZDto1d3HnvfU.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
1819bbdd7b92f67e023bf32f59c9e8c5232bbfdcbc6b1fcd528da568da91ce1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

age
545868
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 11:18:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 11:18:39 GMT
last-modified
Thu, 21 Apr 2022 16:30:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16148
x-xss-protection
0
server
sffe
N0bX2SlFPv1weGeLZDtgJv7S.woff2
fonts.gstatic.com/s/firamono/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firamono/v14/N0bX2SlFPv1weGeLZDtgJv7S.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
e43b3538e39a85a095e4ff58a8b04b146a1bf6fac74c2c8c344c64421aedd58e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

age
601636
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:49:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 19:49:11 GMT
last-modified
Thu, 21 Apr 2022 16:30:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16284
x-xss-protection
0
server
sffe
i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2
fonts.gstatic.com/s/spacemono/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spacemono/v14/i7dMIFZifjKcF5UAWdDRaPpZUFWaHg.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
7e7da354194ef3e5a483c8b95eb2c957504ecd212e1f7a57773b6e3d9ee78b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

age
601066
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 19:58:41 GMT
last-modified
Thu, 26 Sep 2024 23:22:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16136
x-xss-protection
0
server
sffe
vQyevYAyHtARFwPqUzQGpnDs.woff2
framerusercontent.com/assets/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/assets/vQyevYAyHtARFwPqUzQGpnDs.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
3000
etag
"a14a424239fd9cb2e305f2243b1f6177"
x-amz-version-id
SH9la86RvjI0NEj8MqfrPHVtgDnLUhAV
age
11629290
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
hjEHbEcHuSVkKYf-obKB6LKF4_Px09yZf5N_Uj7L4uEySQF-uLlkMw==
date
Wed, 17 Jul 2024 04:34:58 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:12:38 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="hjEHbEcHuSVkKYf-obKB6LKF4_Px09yZf5N_Uj7L4uEySQF-uLlkMw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 e892057f244e8b1aecca2281baa53f32.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
27404
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
aws:kms
1ZFS7N918ojhhd0nQWdj3jz4w.woff2
framerusercontent.com/assets/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/assets/1ZFS7N918ojhhd0nQWdj3jz4w.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-94.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc324555c1cd681a59c27be1eda61da587d17bf71cc1ed8aa3e4a51e77907685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

access-control-max-age
3000
etag
"9a2dbfafd3686aa72cb303a41be28527"
x-amz-version-id
FhKj_VGbf4ha4CqtjcCeHMQzi9fH8cVU
age
11629290
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="axY7FKHKWnLJ8iCuL3fYWdkTU5o38sp87vt2wUAkU2GpuRaS_mgYrQ==",cdn-downstream-fbl=1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Wed, 17 Jul 2024 04:34:58 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:12:44 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-id
axY7FKHKWnLJ8iCuL3fYWdkTU5o38sp87vt2wUAkU2GpuRaS_mgYrQ==
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 282af6dbb4c478f6651ee2a13940179e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
28004
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
server
CloudFront
x-amz-server-side-encryption
aws:kms
N0bX2SlFPv1weGeLZDtgKP7SodY.woff2
fonts.gstatic.com/s/firamono/v14/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firamono/v14/N0bX2SlFPv1weGeLZDtgKP7SodY.woff2
Requested by
Host: gtworek.com
URL: https://gtworek.com/mastering-windows-internals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.227 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f3.1e100.net
Software
sffe /
Resource Hash
6bfabd307779c11b528a7bf06474232c76724eecfc2eb520ecf3e0ba0324fd14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gtworek.com
Referer
https://gtworek.com/

Response headers

age
567248
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 05:22:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 05:22:19 GMT
last-modified
Thu, 21 Apr 2022 16:30:41 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
11364
x-xss-protection
0
server
sffe
anonymous
events.framer.com/ 		0
380 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-116.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gtworek.com/

Response headers

x-amz-apigw-id
B-JyXF9boAMEqpg=
x-amzn-trace-id
Root=1-6748bcdb-41fda94c42b216ee417eb396;Parent=210ae10d0e25cf94;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid
e75ed4d6-1d46-430d-8d31-dcf8d4080665
via
1.1 cc3dab704d6aa33fe47fd3b876e1228e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
GQV2JzQFAu4mjO-xcp0UOjjMyrJkdgSG8Us1ou84rJFVdZ2BQYA79w==
date
Thu, 28 Nov 2024 18:56:27 GMT
content-type
application/json
x-amz-cf-pop
JFK52-P10
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-B3MNW8K7VF&gtm=45je4bk0v9166034530za200&_p=1732820187159&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=606104253.1732820188&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732820187&sct=1&seg=0&dl=https%3A%2F%2Fgtworek.com%2Fmastering-windows-internals&dt=Mastering%20Windows%20Internals&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1220
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3MNW8K7VF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gtworek.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 18:56:27 GMT
content-type
text/plain
server
Golfe2
H0ybk7UudHX7WVqNezZw0YvUrY.png
framerusercontent.com/images/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/H0ybk7UudHX7WVqNezZw0YvUrY.png?scale-down-to=512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d194cf9f3219acce24f583d07229363371772bc90315ce5af8ede6d62f790dd4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"8bd6cac557648fdc57394973e372f492"
age
817424
x-content-type-options
nosniff
x-amzn-requestid
9d6fd9e4-4dd1-49f3-a65a-9295f7d8916a
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KnEIwXYP3f0vsDiLDyYURUGWBxM5aQ05QdcsMXjs804Yc92bSIlxow==
date
Tue, 19 Nov 2024 07:52:43 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="KnEIwXYP3f0vsDiLDyYURUGWBxM5aQ05QdcsMXjs804Yc92bSIlxow==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-673c43cb-5605e97375a429041abd7718;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
DZkUMMdmhonRtoBag2gIH6c7uE4.jpg
framerusercontent.com/images/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/DZkUMMdmhonRtoBag2gIH6c7uE4.jpg?scale-down-to=512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e6a423bef680ca8d4de29a333b52bfdb2c8b87b9b44def85f719f29409a33b54
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"79e356af66b8c1088033a9ceabc08ef9"
age
4563650
x-content-type-options
nosniff
x-amzn-requestid
af64215f-19a7-4873-9fc4-aef7afd4def6
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
s5LoEsLK1JvnHIm6SFAJYuRE-6G2NroJls7EvOILnTaV-_zkO5Ksqw==
date
Sun, 06 Oct 2024 23:15:37 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="s5LoEsLK1JvnHIm6SFAJYuRE-6G2NroJls7EvOILnTaV-_zkO5Ksqw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-67031a18-5372ce294d4c659c304856f8;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
VTcGm18WwQPOjz6lEPSZBiWVc.webp
framerusercontent.com/images/ 		42 KB
43 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/images/VTcGm18WwQPOjz6lEPSZBiWVc.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
49b1d8853a59615c36674906b21dd4893f90fe633e66089cd3c0accf90319e42
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"926e39043877414927b73e13f41503f0"
age
4740892
x-content-type-options
nosniff
x-amzn-requestid
0b26607f-e7f2-471c-827b-c98ecb439cc7
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
d9X_hrkBc9Jaf_Unnk0tPPb0FEkvkYAxNeP3_Vo3CCMIQ3UINbDsHw==
date
Fri, 04 Oct 2024 22:01:35 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="d9X_hrkBc9Jaf_Unnk0tPPb0FEkvkYAxNeP3_Vo3CCMIQ3UINbDsHw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-670065be-79c99afb577ed32c501c94aa;Parent=782e9d92b636e685;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
Ync6e67SWn8PSO7R3Ci9jJH7vKM.jpg
framerusercontent.com/images/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/Ync6e67SWn8PSO7R3Ci9jJH7vKM.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8681734a4f9094ffd08e1ae30133225be16c07ca82939c07972fae48d5aea563
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"720a74a2a054ee1ec4ca3f39aa170223"
age
916522
x-content-type-options
nosniff
x-amzn-requestid
b7c567ae-ee68-416a-9755-511ca6376555
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BWDsgXvOyLn3c-7j5mpD3yF7meyYD_29_z9VNJmlVg23Vyfn9ZaOXQ==
date
Mon, 18 Nov 2024 04:21:05 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="BWDsgXvOyLn3c-7j5mpD3yF7meyYD_29_z9VNJmlVg23Vyfn9ZaOXQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-673ac0af-4bae52623af82814158f7dd7;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
D6gK0lF0LgpfuKY3PNZdQDYQncg.jpeg
framerusercontent.com/images/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/D6gK0lF0LgpfuKY3PNZdQDYQncg.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:3600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
698138b71f251fc465a8760ec85939a3dbb1cda607468f4bd8730c495fcaae47
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gtworek.com/

Response headers

etag
"92ca6297f7fb9ef0fe5797d56972ae4e"
age
2802199
x-content-type-options
nosniff
x-amzn-requestid
486590c3-986b-41de-8af4-c1da258f9136
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
1QnuFZgNerghIyhRQYH47-4ithGg3DeHXiRLn-hAAPxYEYNq5Aijiw==
date
Sun, 27 Oct 2024 08:33:08 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="JFK52-P5",cdn-rid;desc="1QnuFZgNerghIyhRQYH47-4ithGg3DeHXiRLn-hAAPxYEYNq5Aijiw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-671dfac4-53a8f3d760520e557677a6a3;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 4b70da48eda82f2df6875ba8bf8f89ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
JFK52-P5
anonymous
events.framer.com/ 		0
381 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.94.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-94-116.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gtworek.com/

Response headers

x-amz-apigw-id
B-JycFCDIAMEOKA=
x-amzn-trace-id
Root=1-6748bcdc-636e6b63293ec0861d4f04f1;Parent=67c6969bdd14f0da;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid
3f13743f-9205-4f2a-b6c2-0ff540b2c4eb
via
1.1 cc3dab704d6aa33fe47fd3b876e1228e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
sDzBc2oB1e2VqALqmODHAhrlXsV97JK7mMT7y7dnT6ID7KEg7rna-w==
date
Thu, 28 Nov 2024 18:56:28 GMT
content-type
application/json
x-amz-cf-pop
JFK52-P10

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| __framer_onRewriteBreakpoints object| google_tag_manager object| google_tag_data function| __send_framer_event object| __framer_events function| onYouTubeIframeAPIReady object| gaGlobal function| __framer_importFromPackage object| process boolean| MotionIsMounted

2 Cookies

Domain/Path Name / Value
.gtworek.com/ Name: _ga_B3MNW8K7VF
Value: GS1.1.1732820187.1.0.1732820187.0.0.0
.gtworek.com/ Name: _ga
Value: GA1.1.606104253.1732820188

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.convertkit-mail2.com
events.framer.com
fonts.gstatic.com
framerusercontent.com
gtworek.com
www.google-analytics.com
www.googletagmanager.com
13.226.94.116
142.251.40.227
18.238.80.94
2600:9000:266a:3600:d:ada1:a280:93a1
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2008
3.141.222.179
52.223.52.2
126d8354ccc24608a4d33915ff94f106177d049308436c3364005442618f0ff8
1819bbdd7b92f67e023bf32f59c9e8c5232bbfdcbc6b1fcd528da568da91ce1f
2f1040eb66570b6eb6b943d10ca5d91fb8c6dddecac26fe8823627437291229b
3904a2afc0d8d63c8cf6fb0762a11b9261087e6d8e90c4adcd91a350bd7a49c7
4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b
459b4d7e9a50cdfe16f94845dfa136a501dc88fcaa531ec35c90da4a49a6cb6f
47e2a6b0d1051916db9d872ecb982c4c581833c3d95804bf6a302498ed8c2984
49b1d8853a59615c36674906b21dd4893f90fe633e66089cd3c0accf90319e42
698138b71f251fc465a8760ec85939a3dbb1cda607468f4bd8730c495fcaae47
6bfabd307779c11b528a7bf06474232c76724eecfc2eb520ecf3e0ba0324fd14
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7e7da354194ef3e5a483c8b95eb2c957504ecd212e1f7a57773b6e3d9ee78b9a
809c1b2aa822f37527027788a48b9060221726e722591b982d310a970ffe03a1
8681734a4f9094ffd08e1ae30133225be16c07ca82939c07972fae48d5aea563
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
8b91ee4af78a9558d2bbbc889b190d7c47647405fabc8ae5be1c014d6c938228
9d3e851a5c7c0a1cf76d8c212ea2ff8ff4b253dc3fff3d417faa32e5771d03e2
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
be20a5a24497870c92c642a30bdf7a126d56808de0d853c6b501e0a728783a5c
ca6ee0c909a3af99bc911dd17e1153cf9e0cce7ca30068142bb560b4b59d954e
cc324555c1cd681a59c27be1eda61da587d17bf71cc1ed8aa3e4a51e77907685
d194cf9f3219acce24f583d07229363371772bc90315ce5af8ede6d62f790dd4
e2a05e2e2a0373c1bd991dd7efcc50d96efea83e5d7980dbdad22c7522927388
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43b3538e39a85a095e4ff58a8b04b146a1bf6fac74c2c8c344c64421aedd58e
e6a423bef680ca8d4de29a333b52bfdb2c8b87b9b44def85f719f29409a33b54
ec4f0f577ebaa294f1de95377e33082ae91fd7700a78da84b70a1b37bec8d97f