www.cybrary.it Open in urlscan Pro
143.204.98.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/wl8iljDgBm
Effective URL:
https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_...
Submission: On February 13 via api (February 13th 2022, 3:55:03 am UTC) from GB — Scanned from GB

Summary HTTP 103 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 21 domains to perform 103 HTTP transactions. The main IP is 143.204.98.37, located in United States and belongs to AMAZON-02, US. The main domain is www.cybrary.it. The Cisco Umbrella rank of the primary domain is 681020.
TLS certificate: Issued by Amazon on November 20th 2021. Valid for: a year.

This is the only time www.cybrary.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
31	143.204.98.37 143.204.98.37	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
8	2600:9000:225... 2600:9000:225f:4800:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e053	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	3.20.132.151 3.20.132.151	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	38.103.45.45 38.103.45.45	174 (COGENT-174) (COGENT-174)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
16	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.249.212.247 34.249.212.247	16509 (AMAZON-02) (AMAZON-02)
3	35.174.150.168 35.174.150.168	14618 (AMAZON-AES) (AMAZON-AES)
103	25

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 143.204.98.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-37.fra50.r.cloudfront.net

www.cybrary.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225f:4800:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e053 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.20.132.151 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-132-151.us-east-2.compute.amazonaws.com

8dkfarln27.execute-api.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.103.45.45 (United States)

ASN174 (COGENT-174, US)

nbq83jofdp-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

948-bsi-099.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.212.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
info.cybrary.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	cybrary.it www.cybrary.it — Cisco Umbrella Rank: 681020 info.cybrary.it	547 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
9	google.com www.google.com — Cisco Umbrella Rank: 2	65 KB
8	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4254	104 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1701 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 2981 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 2973 tracking.crazyegg.com — Cisco Umbrella Rank: 2994	28 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	157 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 3601	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	313 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3464	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
2	algolia.net nbq83jofdp-dsn.algolia.net — Cisco Umbrella Rank: 976401	8 KB
2	amazonaws.com 8dkfarln27.execute-api.us-east-2.amazonaws.com — Cisco Umbrella Rank: 706556	1 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2821	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 723	140 B
1	mktoresp.com 948-bsi-099.mktoresp.com — Cisco Umbrella Rank: 793509	311 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	t.co t.co — Cisco Umbrella Rank: 456	617 B
103	21

	Domain	Requested by
31	www.cybrary.it	t.co www.cybrary.it
10	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	www.cybrary.it www.gstatic.com www.google.com
8	images.ctfassets.net	www.cybrary.it
6	fonts.gstatic.com	www.google.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.cybrary.it www.googletagmanager.com
2	pi.pardot.com	t.co pi.pardot.com
2	www.facebook.com	www.cybrary.it
2	www.google.co.uk	www.cybrary.it
2	nbq83jofdp-dsn.algolia.net	www.cybrary.it
2	8dkfarln27.execute-api.us-east-2.amazonaws.com	www.cybrary.it
2	munchkin.marketo.net	t.co munchkin.marketo.net
2	connect.facebook.net	t.co connect.facebook.net
2	px.ads.linkedin.com	2 redirects
2	sessions.bugsnag.com	www.cybrary.it
1	info.cybrary.it	pi.pardot.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	948-bsi-099.mktoresp.com	munchkin.marketo.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	px4.ads.linkedin.com	www.cybrary.it
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.cybrary.it
1	t.co
103	29

This site contains links to these domains. Also see Links.

Domain
app.cybrary.it
help.cybrary.it
www.instagram.com
www.facebook.com
www.linkedin.com
www.twitch.tv
twitter.com
www.youtube.com
status.cybrary.it

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
www.cybrary.it Amazon	`2021-11-20` - `2022-12-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
images.ctfassets.net Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-22` - `2022-02-20`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.execute-api.us-east-2.amazonaws.com Amazon	`2021-07-31` - `2022-08-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
algolia.net Sectigo RSA Organization Validation Secure Server CA	`2021-12-07` - `2023-01-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
info.cybrary.it R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Frame ID: 93A820DEFABBA254780FAA16AAF26D1F
Requests: 80 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=8iroasxbx7g5
Frame ID: B7B89C0F60DBEED86404C76CD016955C
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tgr5nsf4h0up
Frame ID: 5604D0948C7D6CA5C0DE343983AEE94E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=drloi7su0cfa
Frame ID: 933D2CDF7B0AD274299754CAF211AA3E
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 573C50ECF8F87EA719791949015A4081
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exploitation and Mitigation: InstallerFileTakeOver (CVE-2021-41379) | CybraryInstagramFacebookLinkedInTwitchTwitterYouTube

Page URL History Show full URLs

https://t.co/wl8iljDgBm Page URL
https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm... Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

97 %
HTTPS

56 %
IPv6

21
Domains

29
Subdomains

25
IPs

4
Countries

2661 kB
Transfer

4729 kB
Size

28
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://app.cybrary.it/login?www=nav

Search URL Search Domain Scan URL

URL: https://app.cybrary.it/login?provider=Google
Title: Sign up with Google

Search URL Search Domain Scan URL

URL: https://app.cybrary.it/login?provider=Apple
Title: Sign up with Apple

Search URL Search Domain Scan URL

URL: https://app.cybrary.it/login?provider=Microsoft
Title: Sign up with Microsoft

Search URL Search Domain Scan URL

URL: https://app.cybrary.it/login
Title: Sign In »

Search URL Search Domain Scan URL

URL: https://help.cybrary.it/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cybrary.it/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cybraryit
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybrary/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/cybrary
Title: Twitch

Search URL Search Domain Scan URL

URL: https://twitter.com/cybraryit
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCzWPaANpPISEE_xvJm8lqHA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://status.cybrary.it/
Title: Server Status

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/wl8iljDgBm Page URL
https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1039233%26time%3D1644724498229%26url%3Dhttps%253A%252F%252Fwww.cybrary.it%252Fcourse%252Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%252F%253Futm_source%253Dtwitter%2526utm_medium%253Dsocial%2526utm_campaign%253Db2b-resourses%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&liSync=true&e_ipv6=AQIw9x0EOEEB_wAAAX7xOCrop7afO0QHpUXUpC37ZWWSiJ6ffBi5Dmi9cPYc7b1PIcvhlEQ

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 wl8iljDgBm Show response
t.co/ 650 B
617 B 248ms
134ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/wl8iljDgBm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

13bef7d3af74f8e48abe1a771dd4c40448040540fbb23ec7aa9efb9a09592f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sun, 13 Feb 2022 03:54:55 GMT
vary: Origin
server: tsa_f
expires: Sun, 13 Feb 2022 03:59:55 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 284
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 111
x-connection-hash: 13043f1b8563bd43d60239c8738750474f61d47e10e1c3f9628f0c3e9244b370

GET
H2 200 Primary Request / Show response
www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/ 207 KB
34 KB 403ms
306ms Document
text/html 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Requested by

Host: t.co
URL: https://t.co/wl8iljDgBm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f5d6d4387a498728573f51563fcc16c902a50aa7b50e57a5718c73ae6d5e58c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://t.co/

Response headers

content-type: text/html
x-amz-meta-version: 4.20.2
last-modified: Fri, 11 Feb 2022 21:01:40 GMT
x-amz-version-id: ugtyEC4kXZsO8n4h74MToxAjYoc7MaKJ
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
access-control-max-age: 60
x-download-options: noopen
x-dns-prefetch-control: off
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
content-encoding: gzip
date: Sun, 13 Feb 2022 03:54:57 GMT
cache-control: public, max-age=0, must-revalidate
etag: W/"52ddaa36746ced32ec9942145e82924b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qpMArR_k-DR2cCzeePn4ye1M5MI0ShLzKi3lPcNyQSVYEGWjimeIGw==

GET
H2 200 inter-latin-400-normal.woff2
www.cybrary.it/assets/ 17 KB
18 KB 51ms
51ms Font
font/woff2 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/assets/inter-latin-400-normal.woff2

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

27ae72daf88c7431896929273087c99910d019ae82dc0af7d86505c0f5ef5dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 19g0yMCopmPrpRlc0EYyvmIXcgtRBAZI
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2364
x-dns-prefetch-control: off
x-amz-meta-version: v3.5.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 17156
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 01:35:04 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:56 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "cf387a4738fea57e757cac39922609b7"
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: RvCUw-d-oCZJz-Gq7FgGLqqVhMoFdyNzYFdPRMTv2os5xVb2KWmBnA==

GET
H2 200 inter-latin-600-normal.woff2
www.cybrary.it/assets/ 18 KB
19 KB 170ms
169ms Font
font/woff2 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/assets/inter-latin-600-normal.woff2

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

87d718a282da60f8ef79c2c85e2999bd0fe7a6ef3fc77ccb3ad8a5ff8474b1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: bdZ5NrNENsTCa0MlW_RLZkV7nfH7GH8d
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 732
x-dns-prefetch-control: off
x-amz-meta-version: v3.5.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 18096
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 01:35:04 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:56 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "5fc9e9c717d652c0a2d32c69b1a9e966"
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: V1AwM6SJ6rW9pjIHiJGEjyLazcnF15ACfj1GvrKN8AaTjk2a-VwAqw==

GET
H2 200 inter-latin-700-normal.woff2
www.cybrary.it/assets/ 18 KB
19 KB 138ms
137ms Font
font/woff2 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/assets/inter-latin-700-normal.woff2

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

687fc99e322c6c306a4e4c92099c3df35735687f72a40ef6239e5ee4f5bd8f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: CQinzLE6BLioaxLnGcMMXLVmg.zUdv5c
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 732
x-dns-prefetch-control: off
x-amz-meta-version: v3.5.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 18020
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 01:35:04 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:56 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "e8ecbd3caa74a29a6339db388cff7c17"
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: sZxcXgv2iyF2HZj5XLnBFKBF35aRexQcHKmWbfu5xQgfEV6-IvxdAg==

GET
H2 200 inter-latin-900-normal.woff2
www.cybrary.it/assets/ 17 KB
18 KB 138ms
137ms Font
font/woff2 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/assets/inter-latin-900-normal.woff2

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

df05d2f33fef3383a2bbd852400ad273eaa8f72127df287b34642db985193235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: IiWzJNcMqOZSt9.Okm_3WPgCMYNHbOFD
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 405
x-dns-prefetch-control: off
x-amz-meta-version: v3.5.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 17604
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 01:35:04 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:56 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=3600,s-maxage=3600
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "007bc54abceb7b15606550c109ef44c3"
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: wa8IkR_ywkFpMJrDOYg5wM35KSCvzr946RvDzpix54dXz_FBM1Nerw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 131ms
48ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7B7PNDDRRZ

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d899f1570b5dcea714019fc6d03419edd04e9878ca213e831c0b1f1e5b28197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62146
x-xss-protection: 0
expires: Sun, 13 Feb 2022 03:54:56 GMT

GET
H2 200 webpack-runtime-623db7720d396ebfbd35.js Show response
www.cybrary.it/ 7 KB
4 KB 47ms
46ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/webpack-runtime-623db7720d396ebfbd35.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ef2c00224623e22ea5ce85135de0123f8d03bd9cbf412a81026764a1120067b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384382
x-dns-prefetch-control: off
x-amz-meta-version: 4.20.1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Feb 2022 19:15:55 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"3c3e560d315079677bc6c62790dbbd8e"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: 0VqdzsS0mOq2b5S8XoVxE05rWTQnsdAi
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: CyWTte0F5_kVOD_ouGsBeUNbVjeyFLzni-rXsRNpueWEuNXJ0LWXwQ==

GET
H2 200 framework-5f729f765936280c8025.js Show response
www.cybrary.it/ 21 KB
9 KB 45ms
44ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/framework-5f729f765936280c8025.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e372a739c77c285f32c59e7e878ec1845c05af02f4d1d3fe7f06064db50ea925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384382
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 15:59:09 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"a1c3074f2d7e3e99b0d7fc2fa5463f2a"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: ofoeR8zmmqYand4vwN5Ee2eXfD6JLtHd
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: x04cDxWyyKttiJIgUdHcO8PCrMtnFuz8byeYg50YBArRxBft-yANmw==

GET
H2 200 app-2d397b3639ad9424d8da.js Show response
www.cybrary.it/ 162 KB
51 KB 49ms
48ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/app-2d397b3639ad9424d8da.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f6d1b37baea28efd6cddbd455ac38b7bcbb46a7a82b8ed3cf461940d876e38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384382
x-dns-prefetch-control: off
x-amz-meta-version: 4.20.1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Feb 2022 19:15:55 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"7cd155b01ebdcd23880f1d9858f7d904"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: 9VEYV_yTTkRc26ghSy3I1PrSHbqOhn1Q
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: nhsC07CgNO7sEqTynRkaiTrh2pYTL-l6ToCHaDZlOBOMdIZvnSeM3g==

GET
H2 200 commons-0ef49eb7b941b0bc04ea.js Show response
www.cybrary.it/ 1007 KB
262 KB 49ms
48ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/commons-0ef49eb7b941b0bc04ea.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

faef8bcb52d4fde34ab66683bb6b487fc90cbfd2cf026be4eea1c66bcf9911d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384373
x-dns-prefetch-control: off
x-amz-meta-version: 4.20.1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Feb 2022 19:15:56 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"955e91b087024d6363b8ad1aec32b2d1"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: VFetf2xh5NJRqGo9ig9Y5l9y_JlYA8Mg
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: 0mNwW6Vz2vZZFEf-qRu2hi6wicG6oxmyO5-q5cYlt2K6_dY1V32_Vw==

GET
H2 200 d3767ffbb50a5df3c587455c341fb5fa8b04d136-49eb6e39a707907ad253.js Show response
www.cybrary.it/ 67 KB
26 KB 151ms
150ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/d3767ffbb50a5df3c587455c341fb5fa8b04d136-49eb6e39a707907ad253.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

717125911207d2df37ad5632ce09db4eef4e9b0c2dc4f365731d236ef2d50f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384373
x-dns-prefetch-control: off
x-amz-meta-version: 4.19.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 15:21:37 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"8664a6e67ac3d8f45d2887e143fa5573"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: W93q88m6mEoUyKu_pF412wO1jQjo3UIq
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: ufAXDfLJzYFrIYsyw6aSHtWmQbbsCF1zwzh5vNzCkUDU_gMbrQnl0w==

GET
H2 200 afd8002b7ae7cb50494762415f9dbb77acb5b0ac-4f76327a8161460dd837.js Show response
www.cybrary.it/ 109 KB
34 KB 88ms
87ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/afd8002b7ae7cb50494762415f9dbb77acb5b0ac-4f76327a8161460dd837.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b0adcb1896aeead6120cca4fa50a66d65cfc203c0eb2920e7e895167b2901e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384366
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 15:59:09 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"5866e30dc6eaea6aee3deb05059ed8e8"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: DMrni3S22FHTTwdbaulgbtxopR_ly4s0
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: sTHI-cRYolaJxGsi-3Hj-V3_VCFNIOEiLTDiD7fZH-29TDLxDnmDFg==

GET
H2 200 11eadbcbb86adfa3d6b8fa0cc93650620cf5a7ee-caf170f7cb0f3ad2df7d.js Show response
www.cybrary.it/ 22 KB
7 KB 169ms
168ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/11eadbcbb86adfa3d6b8fa0cc93650620cf5a7ee-caf170f7cb0f3ad2df7d.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5c5a4fc34969cfbeb539a1a99f89b0289b884838e78dbf5df5245352183ae909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384366
x-dns-prefetch-control: off
x-amz-meta-version: 4.19.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 15:21:37 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"efc8a7da06907f135cc1e893b19b3cba"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: WTMgpT7uAk8EZOrY_oto7f7toQ_tFc7e
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: I0NRI4b0FyP0o_x_pWo02_qVwhnunjCLi-155hKSaLZ7dscdrkZqbA==

GET
H2 200 0e16241234779cf6a40adfc856d1c2b8599ca6d9-caa2b37683fb268e0cd3.js Show response
www.cybrary.it/ 20 KB
7 KB 169ms
168ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/0e16241234779cf6a40adfc856d1c2b8599ca6d9-caa2b37683fb268e0cd3.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4d01afe488335747bf38240f9cbc29cd797c7d9c96504dd5ae5181a4c5023a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384366
x-dns-prefetch-control: off
x-amz-meta-version: 4.12.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 17:19:25 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"42845c22dbcbc78d46352ead346e5c29"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: i7fyfyl_mhy424c4Ek_nZqgJ2ZfwAcAy
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: zFogyOH7SEt9hYDEoyHIg857-77bIli7TKvC24ny6yv0mpDrMVJCag==

GET
H2 200 component---src-templates-course-page-js-211ca8bc792930a96bd7.js Show response
www.cybrary.it/ 23 KB
12 KB 170ms
169ms Script
application/javascript 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/component---src-templates-course-page-js-211ca8bc792930a96bd7.js

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c53483d4f663874df5e87b697921ce736c359d7966e3c41300afa5831feed9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384366
x-dns-prefetch-control: off
x-amz-meta-version: 4.19.0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 31 Jan 2022 15:21:37 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"9a90b6c0ccd26c1911a33157f14d74ca"
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
x-amz-version-id: C9feHl7ayINxIYA.NNFLU1vD_TAgib4F
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: kDSUeqNbEHNg-tLVli8W6BJBAR-dbbWUn5FtEXiarrHf2h7xywjUug==

GET
H2 200 page-data.json
www.cybrary.it/page-data/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/ 14 KB
5 KB 318ms
317ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/page-data.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

405bb9bd170ebc269fefaa7f99a69f1f8796aefd8b766507e4d329716fcb3137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: znlo_ub.kGnKurXHO4gjPx3gyEc3pu7P
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.18.0
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Jan 2022 14:26:17 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"83967a105672933d521d989483b3ddeb"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: nR5aArZeKuETCHMtVxgpvCWVvySCBkcJnLgLzdiVn9BGoSYz77Fykg==

GET
H2 200 140661389.json
www.cybrary.it/page-data/sq/d/ 3 KB
1 KB 316ms
315ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/140661389.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ccc732bdfb86969500626deeda501ea5c55000aa7926b08176318b37ce34dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: dUURXwzNMPp5gheH1m9v7l8ApKBXvAlL
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"d20f7aa080e683ef009b0aa49ddadd49"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: Me_QhRd5K-Q7Oo2rpxJZMfYbQB_8sSaxXxVyWyVOGfaZThuj7AaXIg==

GET
H2 200 1475311374.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 319ms
318ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/1475311374.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb489b39a4e9de76ba649ca6478ba1635c2e246945e301d01298f097760d73ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: JRxgFZMZEQj2yKvpW8r2g3CqlPUZVwyF
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"c41f3eba2f3ace6af153c804b2acaa00"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: qv6v7NBbjQf841AYpo30Fz4L1j1k6YRASS6e_8nGXyYwqOd9jXJ5LQ==

GET
H2 200 2146246592.json
www.cybrary.it/page-data/sq/d/ 773 B
2 KB 327ms
326ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/2146246592.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1abcb792b17480038aae67b12a7cf2f738d9f8b769475642e92df6e095caed3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: P_CrAfO30fnYIcA9nsOP6AZBtPE9jYBc
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 773
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "2607346f395e491313cde7d4a335225a"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: stjB6U_Pm75Aoe8G-zxhf661OhiVtribzRfPYfFUsGbrwrcpnmt5ow==

GET
H2 200 2767130236.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 214ms
212ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/2767130236.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4f35d8afb396bb5aee79e6ccc4059a90209c9edeec04d68c0d70b12eb1eccd60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 6sFFWzeiIfNzsRWC2j5P5ysrthoVxPmd
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"5ec44c3b7a8c92dbca223d77d879549b"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: LKe859OV0_YSHY9FVWdWmRSueF_qPw1iRzAnSgpzC5rKbxfcjZYHxw==

GET
H2 200 3232471594.json
www.cybrary.it/page-data/sq/d/ 3 KB
1 KB 316ms
314ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/3232471594.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

144c67eaa5ea27e58fab5c95fba9c9b363fead6cf43895927b57d0acfc2f83c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Lye4vvStA8i4sBXkjnQVZ2BBRAnyT9YE
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"767814732c585b351a948e186aeecd96"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: UVPY8SfjkOnvYvaxTJUIAawS96UIZBrTe_RycGBmTdJ-6SjTeb5ssw==

GET
H2 200 3303758354.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 324ms
322ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/3303758354.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4dcb0dc350c1d4ec211ebd51868e9b97be032ab31354dc0a09bbd3ec1d1e4f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: RVwNRWFYdfUCQlvLhN88cnrjk7ibpKzz
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"27b308aeb93baf3ee3e6a92d4e24261c"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: h9e_rI5DI06f8jW0X2DKpqEzXcrcjmWVj2Q-r_VYazHfm-KFCiP9HA==

GET
H2 200 3726272968.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 317ms
315ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/3726272968.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

933fce75d609fa8f3e275376ddc9a0695e4f472dc7aec7cbbd9269808a0015a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: TXZwRAFpd86zxwmZoXeYp5WrO0sfZW12
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"bf1016d7ff891ff2dea5d2c8db100497"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: dNPIzaQo4Nnl_aVGBGGv0qQiP3p4ZyZImWthRB9_Gcw9LRVgxeb9Xg==

GET
H2 200 3920069834.json
www.cybrary.it/page-data/sq/d/ 4 KB
2 KB 309ms
307ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/3920069834.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b74a74f86ad2b9bc16af5ff856843d57e6e5937a0245944d301e3bc8f133ad50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: jJtjhKzs5_5SGLIFG_DPHLYlShU4tPFh
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.10.0
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Nov 2021 14:35:29 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"a361184d601996bebae481c2cff46f2a"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: HSNR8US8UzAdbkvdjPtwhJNZe_SSxNnbt6UhF70lTFHPbpWv5YdNCg==

GET
H2 200 3977582552.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 320ms
318ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/3977582552.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f27f69cbbb3dcb437cc1153fa6fa18d50831758020befd2fa32a7068c81bc2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: WLCgOMbtFj86YZok4I6T7XU1PE5Al8hp
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"4fab431327243ad86984e01a752b0ff5"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: XBr7Svnd4KlTQHE0Spw010_8ioGHThUIF6rk7f-WQfpJTRoWy_yQQA==

GET
H2 200 4282407584.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 319ms
317ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/4282407584.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

67f7a75365575aeae41b2b1d3559381acd8d6ec4de85f3a5654d96ee7c18a022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: EIvgFISdGkObCSLHq6Pa5m4U54L6_fe.
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"f8923f102386877349aeeba9e4c004bd"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: tekU3o6IF7e1GQX_-n_WsfXg9PTRlwHk2r3r6vHS4R691qEYQPXnpA==

GET
H2 200 813944818.json
www.cybrary.it/page-data/sq/d/ 2 KB
1 KB 216ms
214ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/813944818.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2581f2bb552e7d6595e2f1f31561f80f8e7d7f610430297c0e587227613c4324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: iwnTGmUic6hkuTiNwymUAz6nWz50NihC
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"d80e1d11eeed851745cd3241437339a1"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: pJvI-4ESCI9UOHmCtx4tK9kLxIXB0i1EXGomG32SfgRmFJ24YlBPzw==

GET
H2 200 825186945.json
www.cybrary.it/page-data/sq/d/ 4 KB
2 KB 217ms
215ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/825186945.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6660630ce5fe3000e286ae04ee064c636df20bc243d33d062ffb1d64469b1a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: rBBfSdl4ubB1u1oViDVICVRtGl6kIUAo
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: W/"5249884ef2440bb979f47b25796327d8"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: rQxK0dfiB05srZ9rk_xr-zw0EAbxu_cJIsy_XYyJ2zSswn-qEf7v5w==

GET
H2 200 840558864.json
www.cybrary.it/page-data/sq/d/ 340 B
1 KB 309ms
308ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/840558864.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

711ab6793dbc2e2628b4d69ad46bc69b65e744a23cb40add1cce50e872cf0a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: DiDvXeT0h4Efxc3u6E1FkdZLuZHVn3BP
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 340
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "cf7eaf849b32d2db3b9ca3abd447a527"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: Y58_WQfce2dfcS5JW2qfvkoIOeysQ_ozB7I-0Dp8cBo9TSHhrqNZJw==

GET
H2 200 862449850.json
www.cybrary.it/page-data/sq/d/ 33 B
942 B 307ms
306ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/sq/d/862449850.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ccecd825f1ca4fb933eb5b09658879756cec823bb80402631256aff44e445fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: i_mS2bt.yHCcbxeRDds.gZDC9bV_Timh
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.0.1
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 33
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Aug 2021 17:27:19 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "1f70816a505dfceba40fd2563f27235b"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: cjkZqGb1Bqu7CDEmeDUamhSVyEaSy_EjawdZ4oqVc1oPBkolD6ZrLw==

GET
H2 200 app-data.json
www.cybrary.it/page-data/ 50 B
962 B 313ms
312ms Other
application/json 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/page-data/app-data.json

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

403d7f08e802f084e1a8ce73bd2ac62d256b5eb885fabaef43c534ee6c080df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: rErXdGtH6TF32Gsi8hDml_pLIzcdL3wR
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-amz-meta-version: 4.20.2
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-length: 50
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Feb 2022 23:07:56 GMT
server: AmazonS3
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:57 GMT
x-download-options: noopen
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';usb 'none';
etag: "fe531ba902fdcc9a76b38db7e6e58a99"
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: hcMOTQi-yyoO6WT584IAh9UaBw7PLdovfSJrQIMY9AgxesOoloONDw==

GET
H2 200 cybrary_logo_white.svg
images.ctfassets.net/kvf8rpi09wgk/5mvqed7vGZQqynYaTiO6dX/141877a61e540b2a211b848f419dc2ae/ 4 KB
2 KB 183ms
49ms Image
image/svg+xml 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/5mvqed7vGZQqynYaTiO6dX/141877a61e540b2a211b848f419dc2ae/cybrary_logo_white.svg
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 41767788b23bb7fd4a37cd590d25d0e71991fc591da39e2061996a6abdca961c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 04:22:03 GMT
content-encoding: gzip
last-modified: Thu, 17 Oct 2019 16:28:33 GMT
server: Contentful Images API
age: 84774
etag: W/"d2f181d459bfc4027f00578dd7b7771e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: vcXn-qPuR5SoH5ZRvv6jABNRjpyj011qjY0FxjsyIsJOsRth6pQJDg==
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 157ms
36ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e053
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 03:54:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=50508
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
60 KB 170ms
87ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KVNRWXV

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58c14a504f6d3ad2882e679f4a6ec12441de58310ab5e0aa6e72867c638089b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61521
x-xss-protection: 0
last-modified: Sun, 13 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Feb 2022 03:54:56 GMT

GET
H2 200 Exploit_Mitigation_InstallerFile_BG.png
images.ctfassets.net/kvf8rpi09wgk/5bu8JTPVZazcEgynf0zzd6/1da3f4decf50f87a132f03e22fc3cde9/ 22 KB
22 KB 252ms
120ms Image
image/webp 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/5bu8JTPVZazcEgynf0zzd6/1da3f4decf50f87a132f03e22fc3cde9/Exploit_Mitigation_InstallerFile_BG.png?w=1751&h=1084&q=55&fm=webp
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e19bbac7d23ec743924b0bbecc1b4a193c4c2d68efbf40e6664ec2366e500b0e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Thu, 03 Feb 2022 18:32:05 GMT
server: Contentful Images API
x-amz-cf-pop: TXL50-P2
etag: "380189184c5abf85fd25284019e0a8fc"
x-cache: RefreshHit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 22302
x-amz-cf-id: B_gwCxpJV1g5BBOkbQymUVwfBDvm8Z5a-cYicenPcAtGJQEbRB44FQ==

GET
H2 200 gg_logo.svg
images.ctfassets.net/kvf8rpi09wgk/2zxNhSRVwlWqmcuBZabfRG/fd249dda0f2d603cef55da0a63c72c08/ 689 B
1 KB 183ms
62ms Image
image/svg+xml 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/2zxNhSRVwlWqmcuBZabfRG/fd249dda0f2d603cef55da0a63c72c08/gg_logo.svg
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jul 2020 15:04:26 GMT
server: Contentful Images API
age: 1180
etag: "f6ce5696e634677f94343db90b9f66dd"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
content-length: 689
x-amz-cf-id: KkzX6R7PHcROvJD_1q4bq0RZNLeLyboIu-zg1zhsq3dwzHl04Cy03g==

GET
H2 200 ap_logo.svg
images.ctfassets.net/kvf8rpi09wgk/37ZgkeW5iYfUmDfRjHcjtR/0b37af69be85a521266ba41993d0d6cb/ 386 B
757 B 172ms
51ms Image
image/svg+xml 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/37ZgkeW5iYfUmDfRjHcjtR/0b37af69be85a521266ba41993d0d6cb/ap_logo.svg
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c75eb9e390aa4e071f8f1759f0940e1e586e196ce84ae4905da8659fc551994f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 05:25:52 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Fri, 19 Feb 2021 16:50:33 GMT
server: Contentful Images API
age: 80945
etag: "87e1741a7110839588f63bb48a59628d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
content-length: 386
x-amz-cf-id: F7OOYxksnvJkmYDta-2354Q48j7UZAGF5nbrZapCPJrmzix5fyfswg==

GET
H2 200 ms_logo.svg
images.ctfassets.net/kvf8rpi09wgk/1rYb8eb8DslutKx7apQlzv/61fbda6da98c501e56ae9fb7d095b2e3/ 232 B
604 B 173ms
53ms Image
image/svg+xml 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/1rYb8eb8DslutKx7apQlzv/61fbda6da98c501e56ae9fb7d095b2e3/ms_logo.svg
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7383ee3f4999fe311b1826a9ffae9048cbf3d13015c78900201d2f892862dadc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 04:22:03 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Fri, 19 Feb 2021 16:36:10 GMT
server: Contentful Images API
age: 84774
etag: "a741d856f7184ceb524689cd1ae41d6a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
content-length: 232
x-amz-cf-id: kUJsRSUQK5IkHCCC4404wwj9xfNRkxyE2QEDJRwa_QwALATwC4iOJw==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 217ms
149ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.cybrary.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Sun, 13 Feb 2022 03:54:56 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 149ms
149ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/app-2d397b3639ad9424d8da.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.cybrary.it/
Bugsnag-Sent-At: 2022-02-13T03:54:58.137Z
Accept-Language: en-GB,en;q=0.9
Bugsnag-Api-Key: 368e3c72f269eb81b130544be947bd67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 13 Feb 2022 03:54:56 GMT
via: 1.1 google
bugsnag-session-uuid: 635db322-0b01-40dc-b413-dd2ea6d56794
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_s...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1039233%26time%3D1644724498229%26url%3Dhttps%253A%252F%252Fwww.cybrary.it%252Fcou...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_s...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_...

0
155 B

447ms
235ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&liSync=true&e_ipv6=AQIw9x0EOEEB_wAAAX7xOCrop7afO0QHpUXUpC37ZWWSiJ6ffBi5Dmi9cPYc7b1PIcvhlEQ
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: xYQdaTc80xYA4lg8+CoAAA==

Redirect headers

date: Sun, 13 Feb 2022 03:54:56 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FE535B2FB7AD41F49C80934CAD0EFAB3 Ref B: MAN30EDGE0812 Ref C: 2022-02-13T03:54:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1039233&time=1644724498229&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&liSync=true&e_ipv6=AQIw9x0EOEEB_wAAAX7xOCrop7afO0QHpUXUpC37ZWWSiJ6ffBi5Dmi9cPYc7b1PIcvhlEQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXX3kNnbydP/+HngYEG9g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-56709046-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7B7PNDDRRZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f88835a46ae9b629d1e5d92348431ad6d17e308e3ceb0f53f9024e83ab41fe6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36167
x-xss-protection: 0
expires: Sun, 13 Feb 2022 03:54:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 156ms
51ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVNRWXV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 03:54:56 GMT

GET
H2 200 2092.js Show response
script.crazyegg.com/pages/scripts/0110/ 5 KB
2 KB 111ms
31ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0110/2092.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVNRWXV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7293f937923cb6c1947def72b5db266a9fb081ca2a8bf6f74a5613e67977cd60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 213765
cf-polished: origSize=4899
cf-ray: 6dcb1e482eb275e3-LHR
ce-version: 11.1.376
last-modified: Thu, 10 Feb 2022 16:32:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 118ms
36ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/wl8iljDgBm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: yS2W+E/AgFVy2jVqr371DBNwRCUnWHaoPQmWqCrHhAVEqbX2L1FGQ4irejR7D8NBud9cx2/OksRArrqOIKq7sA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 13 Feb 2022 03:54:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 128ms
34ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: t.co
URL: https://t.co/wl8iljDgBm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 03:54:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
34ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56709046-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1202
date: Sun, 13 Feb 2022 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 13 Feb 2022 05:34:54 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 matt-mullins.jpeg
images.ctfassets.net/kvf8rpi09wgk/4eXrzWPmMxDxG0yjf7yH9K/95c17d15d9dda1c34ee795fb69c48ab8/ 3 KB
4 KB 48ms
47ms Image
image/jpeg 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/4eXrzWPmMxDxG0yjf7yH9K/95c17d15d9dda1c34ee795fb69c48ab8/matt-mullins.jpeg?w=80&h=80&fit=thumb
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c822f5509574a9148c16389a1896095e8b9a0319152588ac1daf13275693b212

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 22:46:17 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jan 2022 16:15:37 GMT
server: Contentful Images API
age: 75822
etag: "5e1346103fa1570f0cd9c91641e186f6"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
content-length: 3209
x-amz-cf-id: smXGYqwPqhUK3mcAjHIn-mIlabwaLlMMFrgijU5DGeN_Ub0SWFBSsQ==

GET
H2 200 Cybrary_Logo_2019-BlackCybrary.png
images.ctfassets.net/kvf8rpi09wgk/6zC8AKNycm1GL0hxRxUPu1/37b33c7059bdf7bd3992bc7cb7d24537/ 56 KB
57 KB 57ms
57ms Image
image/png 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/6zC8AKNycm1GL0hxRxUPu1/37b33c7059bdf7bd3992bc7cb7d24537/Cybrary_Logo_2019-BlackCybrary.png
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 1f65918559e56662221a627f95464a23bd8a997a54559fe5c12c35cd3fe6ba02

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 05:25:52 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jul 2019 14:36:32 GMT
server: Contentful Images API
age: 80945
etag: "e4e1caa7d9dca04ad6bf0b6e69882607"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
content-length: 57491
x-amz-cf-id: gdHmn-UczS1ZYhK6vdp1n3arQQpfMMv6En0nWjxeC7PTJKQe0nFhEQ==

GET
H2 200 geoip Show response
8dkfarln27.execute-api.us-east-2.amazonaws.com/Prod/ 309 B
548 B 445ms
202ms XHR
application/json 3.20.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://8dkfarln27.execute-api.us-east-2.amazonaws.com/Prod/geoip
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/app-2d397b3639ad9424d8da.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.132.151 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-132-151.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 5a3150460a41924eb248fc287072977ead906314b58e01970042f4d01347d0ff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cybrary.it/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
x-amzn-requestid: be9a3885-af34-4909-86c0-694f4f182e45
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62088111-49f5715c0f1f1d882237b888;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: NdkasFk7iYcFsPg=
content-length: 309

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 134ms
50ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/app-2d397b3639ad9424d8da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d980abb94492fec388d9dedfd21b3b30f1d3e6bfc98bcb679ead850affed5e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Sun, 13 Feb 2022 03:54:56 GMT

GET
H2 200 geoip Show response
8dkfarln27.execute-api.us-east-2.amazonaws.com/Prod/ 309 B
548 B 423ms
197ms XHR
application/json 3.20.132.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://8dkfarln27.execute-api.us-east-2.amazonaws.com/Prod/geoip
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/app-2d397b3639ad9424d8da.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.132.151 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-132-151.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 5a3150460a41924eb248fc287072977ead906314b58e01970042f4d01347d0ff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cybrary.it/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
x-amzn-requestid: ce6a355f-9cc0-443e-a5b7-137a09d33c82
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62088111-3025821018085a8a1e9e1929;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: NdkasHK5iYcFvDQ=
content-length: 309

POST
H/1.1 200
OK queries Show response
nbq83jofdp-dsn.algolia.net/1/indexes/*/ 47 KB
8 KB 104ms
104ms XHR
application/json 38.103.45.45
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://nbq83jofdp-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.11.0)%3B%20Browser%3B%20JS%20Helper%20(3.7.0)

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/commons-0ef49eb7b941b0bc04ea.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

38.103.45.45 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

5ee6ca94f22089c34e6473b412fe8e19be75a1f254658797baa413f9756118e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-algolia-application-id: NBQ83JOFDP
Referer: https://www.cybrary.it/
x-algolia-api-key: eeff7d3e12e545146ed58db67b3b1ebf
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 13 Feb 2022 03:54:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 2
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Transfer-Encoding: chunked
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

OPTIONS
H/1.1 200
OK queries
nbq83jofdp-dsn.algolia.net/1/indexes/*/ Frame 0
0 339ms
99ms Preflight
text/plain 38.103.45.45
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://nbq83jofdp-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.11.0)%3B%20Browser%3B%20JS%20Helper%20(3.7.0)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

38.103.45.45 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-algolia-api-key,x-algolia-application-id
Origin: https://www.cybrary.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 13 Feb 2022 03:54:57 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Disposition: inline; filename=a.txt
Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS
Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-user-id, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept, Pragma
Access-Control-Allow-Credentials: false
Expires: Mon, 14 Feb 2022 03:54:57 GMT
Cache-Control: max-age=86400
Access-Control-Max-Age: 86400

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 87ms
45ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7B7PNDDRRZ&gtm=2oe290&_p=533199914&sr=1600x1200&ul=en-us&cid=1023412736.1644724498&_s=1&dl=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&dr=https%3A%2F%2Ft.co%2F&dt=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&sid=1644724498&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_path=%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7B7PNDDRRZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybrary.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2092.json Show response
script.crazyegg.com/pages/data-scripts/0110/ 7 KB
2 KB 81ms
33ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0110/2092.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0110/2092.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dcd0dc1a7614e7e3d49da45882f91476d29b5b0ecea87a7d28331368f7c2a74

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 213684
ce-version: 11.1.376
content-length: 1671
timing-allow-origin: *
last-modified: Thu, 10 Feb 2022 16:33:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6dcb1e494df7778c-LHR

GET
H3 200 170922003476099 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 118ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170922003476099?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4525f4c9f06e7e4332aab27a6f0d1cdf408247aa80857242bb2525a0bc871143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: kvaokF4S+kYTplhcnfGQgqd+wYZa3AoF7smNoKtn1aKZCj6CsQv9cQF9eKGq26YZdyv5zDkwb+6mGHWwMKRw6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Feb 2022 03:54:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 35ms
35ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 03:54:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Tue, 24 May 2022 03:54:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/938281308/ 3 KB
2 KB 136ms
47ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/938281308/?random=1644724498542&cv=9&fst=1644724498542&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&ref=https%3A%2F%2Ft.co%2F&tiba=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef281bec0ce909840d9ce73d2aa9378a80fa804004ee33552b233289e8ab71ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1145
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
43ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=533199914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&dr=https%3A%2F%2Ft.co%2F&dp=%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&ul=en-us&de=UTF-8&dt=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=161283208&gjid=1748622695&cid=1023412736.1644724498&tid=UA-56709046-1&_gid=1602043428.1644724499&_r=1&gtm=2ou290&z=927927251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybrary.it/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybrary.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
948-bsi-099.mktoresp.com/webevents/ 2 B
311 B 789ms
99ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://948-bsi-099.mktoresp.com/webevents/visitWebPage?_mchNc=1644724498562&_mchCn=&_mchId=948-BSI-099&_mchTk=_mch-www.cybrary.it-1644724498561-26012&_mchHo=www.cybrary.it&_mchPo=&_mchRu=%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Ft.co%2F&_mchQp=utm_source%3Dtwitter__-__utm_medium%3Dsocial__-__utm_campaign%3Db2b-resourses
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 03:54:57 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: e51a0079-e366-458b-80f3-69dd3c51677d

GET
H2 200 11.1.376.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 71 KB
23 KB 31ms
31ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0110/2092.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 14:25:17 GMT
server: cloudflare
age: 399451
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6dcb1e497f8c75e3-LHR
content-length: 23366

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ 354 KB
355 KB 165ms
37ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cybrary.it/
Origin: https://www.cybrary.it
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:36 GMT
x-content-type-options: nosniff
age: 27201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362508
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
445 B 101ms
30ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56709046-1&cid=1023412736.1644724498&jid=161283208&gjid=1748622695&_gid=1602043428.1644724499&_u=YADAAUAAAAAAAC~&z=1975708712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybrary.it/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 13 Feb 2022 03:54:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.cybrary.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2092.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0110/ 156 B
240 B 35ms
34ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0110/2092.json?t=456867
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 031601a545c0b55e8751ffaef28541fa57356d9b823f2d26916cfb0523fc1073

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14893
ce-version: 11.1.376
content-length: 146
timing-allow-origin: *
last-modified: Sat, 12 Feb 2022 23:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6dcb1e49ee69778c-LHR

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
420 B 118ms
35ms XHR
binary/octet-stream 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:52:43 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 4629735
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: SNttA87JpqGylLg6WSz5khc5RmbD8N2xm0fWnHeqvV43PJT7vk9ZKg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
420 B 132ms
37ms XHR
binary/octet-stream 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:24:28 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 4631430
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: GbLp9MIx1RseK2YX44U56cgR938ANwwHISNDXEfUU3fPSSsfrzK4QA==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 88ms
44ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56709046-1&cid=1023412736.1644724498&jid=161283208&_u=YADAAUAAAAAAAC~&z=1806285804

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 151ms
45ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56709046-1&cid=1023412736.1644724498&jid=161283208&_u=YADAAUAAAAAAAC~&z=1806285804

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 6445b144-76f7-4316-8a47-16860a9a6e48
https://www.cybrary.it/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cybrary.it/6445b144-76f7-4316-8a47-16860a9a6e48
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 130ms
35ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170922003476099&ev=PageView&dl=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1644724498767&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644724498765.375001154&it=1644724498507&coo=false&exp=p0&rqm=GET

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 13 Feb 2022 03:54:57 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/938281308/ 42 B
64 B 72ms
44ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/938281308/?random=1644724498542&cv=9&fst=1644721200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&ref=https%3A%2F%2Ft.co%2F&tiba=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&async=1&fmt=3&is_vtc=1&random=3201116372&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/938281308/ 42 B
154 B 136ms
46ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/938281308/?random=1644724498542&cv=9&fst=1644721200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&ref=https%3A%2F%2Ft.co%2F&tiba=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&async=1&fmt=3&is_vtc=1&random=3201116372&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Cybrary-Cert.png
images.ctfassets.net/kvf8rpi09wgk/7a9Hi5dmSSnzuNJqMTcqUC/5264b28124e7ec8087d82c771a3f84bb/ 17 KB
17 KB 51ms
51ms Image
image/png 2600:9000:225f:4800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kvf8rpi09wgk/7a9Hi5dmSSnzuNJqMTcqUC/5264b28124e7ec8087d82c771a3f84bb/Cybrary-Cert.png?w=220&q=100
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:4800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 8f303b657e951f5075333fbd341fa7dd7bdb1bc0550ae9ba802009b7872abbf1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 04:32:35 GMT
via: 1.1 1414bd7a19d3e0731eb4c47589439132.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jan 2022 13:32:16 GMT
server: Contentful Images API
age: 84142
etag: "71c5650d835e500ec2c2f2f13afdfc9c"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P2
content-length: 17089
x-amz-cf-id: joUHMSURjhO0OAMOlk08IWBoOypA4eFlgfFRPaxr2HjCd1ftObcETA==

GET
H2 200 clock Show response
tracking.crazyegg.com/ 26 B
133 B 129ms
49ms XHR
text/plain 34.249.212.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1644724498883
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.212.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 7316fb05f128f1ec03ac30eea34c663325611f7741edab4de5d5683889d8b57d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Feb 2022 03:54:57 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

POST
H2 200 events Show response
www.cybrary.it/tics/api/ 0
1 KB 230ms
230ms XHR
text/html 143.204.98.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybrary.it/tics/api/events

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/app-2d397b3639ad9424d8da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-37.fra50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src https://*.cybrary.it; script-src 'unsafe-inline'; style-src 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
via: 1.1 google, 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 69
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Origin
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: istio-envoy
x-frame-options: deny
expect-ct: max-age=86400, enforce
access-control-max-age: 60
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.cybrary.it
x-download-options: noopen
x-cloud-trace-context: c4e58177793fdd831ca0617fd4e487f1/8702562561805618633;o=1
cache-control: no-cache, private
feature-policy: camera 'none';microphone 'none';geolocation 'none';encrypted-media 'none';payment 'none';speaker 'none';usb 'none';
content-security-policy: default-src 'self'; img-src https://*.cybrary.it; script-src 'unsafe-inline'; style-src 'unsafe-inline'; object-src 'none'
access-control-allow-credentials: true
access-control-allow-headers: AUTHORIZATION,Content-Type,x-cybrary-larp-team,x-cybrary-larp-user,x-cybrary-larp-role,x-release-tag
x-amz-cf-id: GDXETmdOtZpu5Ar1oeYyEMDbWCtJB8vAyZsxjgxmWYltCdTuOmhrGw==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B7B8 41 KB
21 KB 65ms
65ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=8iroasxbx7g5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7029d4132c8d8315e6ae997c0bf7b094940c1a15b8dc059cd2f96eb8cca57638

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TM19Lqd2Ve5Ip760KL1yeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 03:54:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-TM19Lqd2Ve5Ip760KL1yeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21817
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5604 41 KB
21 KB 67ms
67ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tgr5nsf4h0up

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a93690be2e1ccc31da1249bc600e4902de96c4e43cf2248b5600070ee2376d7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9Yo8oRR+vpIQ+3V4b2/lUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 03:54:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-9Yo8oRR+vpIQ+3V4b2/lUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21607
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 933D 41 KB
21 KB 78ms
78ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=drloi7su0cfa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1ff33c78ef96395b85d4ba61a0878fdb92b4a9b4fc8c98e2080d27b2ceebaeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p27fI+VZGJqWOhjDzFseIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 03:54:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-p27fI+VZGJqWOhjDzFseIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21728
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK a1c10c3e-4c35-4498-82c0-f512ec9aff0e
https://www.cybrary.it/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cybrary.it/a1c10c3e-4c35-4498-82c0-f512ec9aff0e
Requested by: Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame B7B8 51 KB
24 KB 78ms
36ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=8iroasxbx7g5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame B7B8 354 KB
354 KB 131ms
88ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:36 GMT
x-content-type-options: nosniff
age: 27201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362508
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:36 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 5604 51 KB
24 KB 76ms
34ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 5604 354 KB
354 KB 145ms
104ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:36 GMT
x-content-type-options: nosniff
age: 27201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362508
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:36 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 933D 51 KB
24 KB 104ms
63ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 933D 354 KB
354 KB 146ms
105ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 20:21:36 GMT
x-content-type-options: nosniff
age: 27201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362508
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 20:21:36 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 573C 0
18 B 75ms
35ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.cybrary.it
URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.cybrary.it
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.cybrary.it
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Sun, 13 Feb 2022 03:54:57 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5604 2 KB
2 KB 35ms
34ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 348567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Feb 2022 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5604 15 KB
15 KB 42ms
35ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 384496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5604 15 KB
15 KB 43ms
36ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 394623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:17:54 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 933D 2 KB
2 KB 35ms
34ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 348567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Feb 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 933D 15 KB
15 KB 79ms
35ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 384496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 933D 15 KB
15 KB 90ms
46ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 394623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:17:54 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B7B8 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 348567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Feb 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B7B8 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 384496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B7B8 15 KB
15 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 394623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5604 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eef7d008c4ca9d288c66d6a4cfd1e8d8a0228630e24e13136edeff555061ec4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tgr5nsf4h0up
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 13 Feb 2022 03:54:57 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 933D 102 B
134 B 42ms
42ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eef7d008c4ca9d288c66d6a4cfd1e8d8a0228630e24e13136edeff555061ec4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=drloi7su0cfa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 13 Feb 2022 03:54:57 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B7B8 102 B
134 B 43ms
43ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eef7d008c4ca9d288c66d6a4cfd1e8d8a0228630e24e13136edeff555061ec4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdpnOIcAAAAABpPA_d0X_fslduU4tnoirwar8qA&co=aHR0cHM6Ly93d3cuY3licmFyeS5pdDo0NDM.&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=8iroasxbx7g5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 13 Feb 2022 03:54:57 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 474ms
100ms Script
application/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: t.co
URL: https://t.co/wl8iljDgBm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 03:54:58 GMT
content-encoding: gzip
X-Pardot-Route: 8f46b7608980401223b1d0300f1fdf0e
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
last-modified: Fri, 11 Feb 2022 05:16:29 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=63072000
accept-ranges: bytes
content-length: 1950
expires: Tue, 13 Feb 2024 03:54:58 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 353ms
353ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1198&account_id=786393&title=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&referrer=https%3A%2F%2Ft.co%2F&utm_campaign=b2b-resourses&utm_medium=social&utm_source=twitter

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-3-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

5f195d46b80cb2ae077ee2e8211deb393e4ab8b89e19901409bac6aa9eb37eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:58 GMT
content-encoding: gzip
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 535
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK analytics Show response
info.cybrary.it/ 50 B
1 KB 558ms
189ms Script
text/javascript 35.174.150.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://info.cybrary.it/analytics?conly=true&visitor_id=393960852&visitor_id_sign=23adf0a10da9c32ad44739fe6905519ecd02692e8f13a3c52d49788339720d07fdf7c67e4745200c7c0defa52c03ba41deafb763&pi_opt_in=&campaign_id=1198&account_id=786393&title=Exploitation%20and%20Mitigation:%20InstallerFileTakeOver%20(CVE-2021-41379)%20|%20Cybrary&url=https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses&referrer=https://t.co/&utm_campaign=b2b-resourses&utm_medium=social&utm_source=twitter
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1198&account_id=786393&title=Exploitation%20and%20Mitigation%3A%20InstallerFileTakeOver%20(CVE-2021-41379)%20%7C%20Cybrary&url=https%3A%2F%2Fwww.cybrary.it%2Fcourse%2Fexploitation-and-mitigation-installerfiletakeover-cve-2021-41379%2F%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Db2b-resourses&referrer=https%3A%2F%2Ft.co%2F&utm_campaign=b2b-resourses&utm_medium=social&utm_source=twitter
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-3-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.cybrary.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 03:54:59 GMT
X-Pardot-Route: 403edde838d926b2f64a33ea88db7473
X-Pardot-LB: a083ac6fc1531fb089982e922db67d20
x-pardot-rsp: 0/0/1
vary: User-Agent
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 50
Server: PardotServer
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 10:22:18	Name: muc Value: 8e36f715-129e-4eb9-bc25-4a688570ed07
.cybrary.it/	1970-01-20 03:01:40	Name: _gcl_au Value: 1.1.2080851309.1644724498
.cybrary.it/	1970-01-20 09:37:40	Name: lastCourseViewed Value: course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379
.cybrary.it/	1970-01-20 13:49:40	Name: cyb_attr Value: f694a812-bf5f-47c9-a2bf-3b244968343a
.cybrary.it/	1970-01-20 18:23:16	Name: _ga_7B7PNDDRRZ Value: GS1.1.1644724498.1.0.1644724498.0
.linkedin.com/	1970-01-20 01:35:16	Name: UserMatchHistory Value: AQISYDMwWcGKSwAAAX7xOClzK_XG63oJhM-RHPCR193l54GKus81jv6M-tlrnkW4lXWky00zvWyzqQ
.linkedin.com/	1970-01-20 01:35:16	Name: AnalyticsSyncHistory Value: AQLf7ERdOWhcXwAAAX7xOClzk9L11j17jSX6s-aqekB2iEO7aac3yfC6FiqikvjBLgLhHmAaRMcHjLhycw508Q
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:23:58	Name: bcookie Value: "v=2&7f283289-3803-4f7d-8bf6-cfd3a64e3ba7"
.linkedin.com/	1970-01-20 00:53:30	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2272:u=1:x=1:i=1644724496:t=1644810896:v=2:sig=AQFkCcXC8fyuKdDX-64oWfzwOz6bk6p4"
.cybrary.it/	1970-01-20 18:23:16	Name: _ga Value: GA1.2.1023412736.1644724498
.cybrary.it/	1970-01-20 00:53:30	Name: _gid Value: GA1.2.1602043428.1644724499
.cybrary.it/	1970-01-20 00:52:04	Name: _gat_gtag_UA_56709046_1 Value: 1
.www.cybrary.it/	1970-01-20 18:23:16	Name: _mkto_trk Value: id:948-BSI-099&token:_mch-www.cybrary.it-1644724498561-26012
.doubleclick.net/	1970-01-20 00:52:05	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 18:23:58	Name: bscookie Value: "v=1&20220213035456f83eb1b8-544a-492d-80dc-9f83bc7b227cAQGTqp9qj-ytttrnjcmZ9vu7fLs3VzR2"
.linkedin.com/	1970-01-20 18:17:03	Name: li_gc Value: MTswOzE2NDQ3MjQ0OTY7MjswMjFNdqUUrkO6y68Ux8fKiA5XQ3yRepWfPAY6FA6dgD3OaQ==
.cybrary.it/	1970-01-20 03:01:40	Name: _fbp Value: fb.1.1644724498765.375001154
.cybrary.it/	1969-12-31 23:59:59	Name: cyb_geo Value: {%22as%22:%22AS20860%20IOMART%20CLOUD%20SERVICES%20LIMITED%22%2C%22city%22:%22Ealing%22%2C%22country%22:%22United%20Kingdom%22%2C%22countryCode%22:%22GB%22%2C%22isp%22:%22Iomart%20Cloud%20Services%20Limited%22%2C%22lat%22:51.5122%2C%22lon%22:-0.30204%2C%22org%22:%22CustNo%22%2C%22query%22:%225.187.21.110%22%2C%22region%22:%22ENG%22%2C%22regionName%22:%22England%22%2C%22status%22:%22success%22%2C%22timezone%22:%22Europe/London%22%2C%22zip%22:%22W13%22}
.cybrary.it/	1970-01-20 09:37:40	Name: _ce.s Value: v11.rlc~1644724499058
.pardot.com/	1970-01-23 16:28:04	Name: visitor_id785393 Value: 393960852
.pardot.com/	1970-01-23 16:28:04	Name: visitor_id785393-hash Value: 23adf0a10da9c32ad44739fe6905519ecd02692e8f13a3c52d49788339720d07fdf7c67e4745200c7c0defa52c03ba41deafb763
pi.pardot.com/	1970-01-20 00:52:06	Name: lpv785393 Value: aHR0cHM6Ly93d3cuY3licmFyeS5pdC9jb3Vyc2UvZXhwbG9pdGF0aW9uLWFuZC1taXRpZ2F0aW9uLWluc3RhbGxlcmZpbGV0YWtlb3Zlci1jdmUtMjAyMS00MTM3OS8%2FdXRtX3NvdXJjZT10d2l0dGVyJnV0bV9tZWRpdW09c29jaWFsJnV0bV9jYW1wYWlnbj1iMmItcmVzb3Vyc2Vz
www.cybrary.it/	1970-01-23 16:28:04	Name: visitor_id785393 Value: 393960852
www.cybrary.it/	1970-01-23 16:28:04	Name: visitor_id785393-hash Value: 23adf0a10da9c32ad44739fe6905519ecd02692e8f13a3c52d49788339720d07fdf7c67e4745200c7c0defa52c03ba41deafb763
info.cybrary.it/	1970-01-23 16:28:04	Name: visitor_id785393 Value: 393960852
info.cybrary.it/	1970-01-23 16:28:04	Name: visitor_id785393-hash Value: 23adf0a10da9c32ad44739fe6905519ecd02692e8f13a3c52d49788339720d07fdf7c67e4745200c7c0defa52c03ba41deafb763

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
javascript	warning	URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses Message: The resource https://www.cybrary.it/assets/inter-latin-400-normal.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses Message: The resource https://www.cybrary.it/assets/inter-latin-600-normal.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses Message: The resource https://www.cybrary.it/assets/inter-latin-900-normal.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.cybrary.it/course/exploitation-and-mitigation-installerfiletakeover-cve-2021-41379/?utm_source=twitter&utm_medium=social&utm_campaign=b2b-resourses Message: The resource https://www.cybrary.it/assets/inter-latin-700-normal.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8dkfarln27.execute-api.us-east-2.amazonaws.com
948-bsi-099.mktoresp.com
assets-tracking.crazyegg.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
images.ctfassets.net
info.cybrary.it
munchkin.marketo.net
nbq83jofdp-dsn.algolia.net
pagestates-tracking.crazyegg.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.crazyegg.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
t.co
tracking.crazyegg.com
www.cybrary.it
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
104.111.234.67
104.244.42.133
108.174.10.14
143.204.98.37
143.204.98.57
172.217.18.98
192.28.144.124
2600:1901:0:7a0b::
2600:9000:225f:4800:12:94b3:c380:93a1
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9c
2a02:26f0:f7::5c7b:e053
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.20.132.151
34.249.212.247
35.174.150.168
38.103.45.45
031601a545c0b55e8751ffaef28541fa57356d9b823f2d26916cfb0523fc1073
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bef7d3af74f8e48abe1a771dd4c40448040540fbb23ec7aa9efb9a09592f1a
144c67eaa5ea27e58fab5c95fba9c9b363fead6cf43895927b57d0acfc2f83c4
1abcb792b17480038aae67b12a7cf2f738d9f8b769475642e92df6e095caed3f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f65918559e56662221a627f95464a23bd8a997a54559fe5c12c35cd3fe6ba02
2581f2bb552e7d6595e2f1f31561f80f8e7d7f610430297c0e587227613c4324
27ae72daf88c7431896929273087c99910d019ae82dc0af7d86505c0f5ef5dbf
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2d980abb94492fec388d9dedfd21b3b30f1d3e6bfc98bcb679ead850affed5e1
34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
403d7f08e802f084e1a8ce73bd2ac62d256b5eb885fabaef43c534ee6c080df6
405bb9bd170ebc269fefaa7f99a69f1f8796aefd8b766507e4d329716fcb3137
41767788b23bb7fd4a37cd590d25d0e71991fc591da39e2061996a6abdca961c
4525f4c9f06e7e4332aab27a6f0d1cdf408247aa80857242bb2525a0bc871143
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4ccc732bdfb86969500626deeda501ea5c55000aa7926b08176318b37ce34dc2
4d01afe488335747bf38240f9cbc29cd797c7d9c96504dd5ae5181a4c5023a76
4dcb0dc350c1d4ec211ebd51868e9b97be032ab31354dc0a09bbd3ec1d1e4f99
4f35d8afb396bb5aee79e6ccc4059a90209c9edeec04d68c0d70b12eb1eccd60
4f6d1b37baea28efd6cddbd455ac38b7bcbb46a7a82b8ed3cf461940d876e38b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58c14a504f6d3ad2882e679f4a6ec12441de58310ab5e0aa6e72867c638089b5
5a3150460a41924eb248fc287072977ead906314b58e01970042f4d01347d0ff
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c5a4fc34969cfbeb539a1a99f89b0289b884838e78dbf5df5245352183ae909
5d899f1570b5dcea714019fc6d03419edd04e9878ca213e831c0b1f1e5b28197
5ee6ca94f22089c34e6473b412fe8e19be75a1f254658797baa413f9756118e1
5f195d46b80cb2ae077ee2e8211deb393e4ab8b89e19901409bac6aa9eb37eea
6660630ce5fe3000e286ae04ee064c636df20bc243d33d062ffb1d64469b1a5f
67f7a75365575aeae41b2b1d3559381acd8d6ec4de85f3a5654d96ee7c18a022
687fc99e322c6c306a4e4c92099c3df35735687f72a40ef6239e5ee4f5bd8f13
6dcd0dc1a7614e7e3d49da45882f91476d29b5b0ecea87a7d28331368f7c2a74
7029d4132c8d8315e6ae997c0bf7b094940c1a15b8dc059cd2f96eb8cca57638
711ab6793dbc2e2628b4d69ad46bc69b65e744a23cb40add1cce50e872cf0a6f
717125911207d2df37ad5632ce09db4eef4e9b0c2dc4f365731d236ef2d50f6b
7293f937923cb6c1947def72b5db266a9fb081ca2a8bf6f74a5613e67977cd60
7316fb05f128f1ec03ac30eea34c663325611f7741edab4de5d5683889d8b57d
7383ee3f4999fe311b1826a9ffae9048cbf3d13015c78900201d2f892862dadc
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
87d718a282da60f8ef79c2c85e2999bd0fe7a6ef3fc77ccb3ad8a5ff8474b1ef
8f303b657e951f5075333fbd341fa7dd7bdb1bc0550ae9ba802009b7872abbf1
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
933fce75d609fa8f3e275376ddc9a0695e4f472dc7aec7cbbd9269808a0015a2
9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a93690be2e1ccc31da1249bc600e4902de96c4e43cf2248b5600070ee2376d7d
b0adcb1896aeead6120cca4fa50a66d65cfc203c0eb2920e7e895167b2901e46
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027
b74a74f86ad2b9bc16af5ff856843d57e6e5937a0245944d301e3bc8f133ad50
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c53483d4f663874df5e87b697921ce736c359d7966e3c41300afa5831feed9ff
c75eb9e390aa4e071f8f1759f0940e1e586e196ce84ae4905da8659fc551994f
c822f5509574a9148c16389a1896095e8b9a0319152588ac1daf13275693b212
ccecd825f1ca4fb933eb5b09658879756cec823bb80402631256aff44e445fdd
d1ff33c78ef96395b85d4ba61a0878fdb92b4a9b4fc8c98e2080d27b2ceebaeb
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df05d2f33fef3383a2bbd852400ad273eaa8f72127df287b34642db985193235
e19bbac7d23ec743924b0bbecc1b4a193c4c2d68efbf40e6664ec2366e500b0e
e372a739c77c285f32c59e7e878ec1845c05af02f4d1d3fe7f06064db50ea925
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eef7d008c4ca9d288c66d6a4cfd1e8d8a0228630e24e13136edeff555061ec4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef281bec0ce909840d9ce73d2aa9378a80fa804004ee33552b233289e8ab71ab
ef2c00224623e22ea5ce85135de0123f8d03bd9cbf412a81026764a1120067b5
f27f69cbbb3dcb437cc1153fa6fa18d50831758020befd2fa32a7068c81bc2f5
f5d6d4387a498728573f51563fcc16c902a50aa7b50e57a5718c73ae6d5e58c1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f88835a46ae9b629d1e5d92348431ad6d17e308e3ceb0f53f9024e83ab41fe6a
faef8bcb52d4fde34ab66683bb6b487fc90cbfd2cf026be4eea1c66bcf9911d1
fb489b39a4e9de76ba649ca6478ba1635c2e246945e301d01298f097760d73ee
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.cybrary.it Open in urlscan Pro 143.204.98.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

97 %HTTPS

56 %IPv6

21 Domains

29 Subdomains

25 IPs

4 Countries

2661 kBTransfer

4729 kBSize

28 Cookies

13 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cybrary.it Open in urlscan Pro
143.204.98.37 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

97 %
HTTPS

56 %
IPv6

21
Domains

29
Subdomains

25
IPs

4
Countries

2661 kB
Transfer

4729 kB
Size

28
Cookies

103 HTTP transactions
1 data transactions