www.netspi.com Open in urlscan Pro
34.123.201.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-a...
Submission: On April 30 via manual (April 30th 2024, 7:03:52 am UTC) from GB — Scanned from GB

Summary HTTP 86 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 20 domains to perform 86 HTTP transactions. The main IP is 34.123.201.87, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.netspi.com. The Cisco Umbrella rank of the primary domain is 880611.
TLS certificate: Issued by R3 on April 11th 2024. Valid for: 3 months.

This is the only time www.netspi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	34.123.201.87 34.123.201.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:b600:4:d7e1:700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.68.89.134 104.68.89.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.95.3 65.9.95.3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:752b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:4800:f:7ae2:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:762b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:ce00:f:7ae2:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:9e00:4:8491:f2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.99.119 65.9.99.119	16509 (AMAZON-02) (AMAZON-02)
2 3	54.87.240.176 54.87.240.176	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.77.215.189 3.77.215.189	16509 (AMAZON-02) (AMAZON-02)
1 1	52.28.240.94 52.28.240.94	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.7.48.84 52.7.48.84	14618 (AMAZON-AES) (AMAZON-AES)
86	30

38 34.123.201.87 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.201.123.34.bc.googleusercontent.com

www.netspi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.93.80 (None, )

ASN13335 (CLOUDFLARENET, US)

explore.netspi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.tagembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:b600:4:d7e1:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.68.89.134 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-89-134.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-3.prg50.r.cloudfront.net

tr-rc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

218-vhm-543.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:752b (United States)

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4800:f:7ae2:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

netspi.widget.insent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:762b (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:ce00:f:7ae2:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

netspi.widget.insent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:9e00:4:8491:f2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.99.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-119.prg50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.87.240.176 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-240-176.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.215.189 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-215-189.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.240.94 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-240-94.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.48.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-48-84.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	netspi.com www.netspi.com — Cisco Umbrella Rank: 880611 explore.netspi.com	1 MB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 328 www.linkedin.com — Cisco Umbrella Rank: 613 px4.ads.linkedin.com — Cisco Umbrella Rank: 6223	3 KB
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 24652 aorta.clickagy.com — Cisco Umbrella Rank: 2146 hemsync.clickagy.com — Cisco Umbrella Rank: 21122	15 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 11694 ws.zoominfo.com — Cisco Umbrella Rank: 4706	30 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 6963	4 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 145 www.google.com — Cisco Umbrella Rank: 2	362 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 337	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	286 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	14 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 543 d.agkn.com — Cisco Umbrella Rank: 717	1 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1361 insight.adsrvr.org — Cisco Umbrella Rank: 622	4 KB
2	insent.ai netspi.widget.insent.ai	23 KB
2	google.com.br www.google.com.br — Cisco Umbrella Rank: 25086	127 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 36 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	2 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3820	6 KB
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 15454 tr-rc.lfeeder.com — Cisco Umbrella Rank: 20593	11 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 457	98 B
1	mktoresp.com 218-vhm-543.mktoresp.com	318 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 781	17 KB
1	tagembed.com widget.tagembed.com — Cisco Umbrella Rank: 50077	2 KB
86	20

	Domain	Requested by
38	www.netspi.com	www.netspi.com
6	explore.netspi.com	www.netspi.com explore.netspi.com
4	ws.zoominfo.com	js.zi-scripts.com ws-assets.zoominfo.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	aorta.clickagy.com	2 redirects tags.clickagy.com
3	js.zi-scripts.com	www.netspi.com js.zi-scripts.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.netspi.com
3	www.googletagmanager.com	www.netspi.com www.googletagmanager.com
3	cdn.jsdelivr.net	www.netspi.com
2	netspi.widget.insent.ai	js.zi-scripts.com netspi.widget.insent.ai
2	www.google.com.br	www.netspi.com
2	analytics.google.com	www.googletagmanager.com
2	munchkin.marketo.net	www.netspi.com munchkin.marketo.net
1	hemsync.clickagy.com	tags.clickagy.com
1	insight.adsrvr.org	js.adsrvr.org
1	idsync.rlcdn.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	js.adsrvr.org	www.netspi.com
1	tags.clickagy.com	www.netspi.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	218-vhm-543.mktoresp.com	munchkin.marketo.net
1	www.google.com	www.netspi.com
1	px4.ads.linkedin.com	www.netspi.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	tr-rc.lfeeder.com	www.netspi.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	sc.lfeeder.com	www.netspi.com
1	widget.tagembed.com	www.netspi.com
86	31

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.netspi.com R3	`2024-04-11` - `2024-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
explore.netspi.com Cloudflare Inc ECC CA-3	`2023-08-04` - `2024-08-02`	a year	crt.sh
widget.tagembed.com E1	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-30` - `2024-06-27`	2 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.com.br GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
zi-scripts.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
zoominfo.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.widget.insent.ai Amazon RSA 2048 M03	`2024-01-30` - `2025-02-27`	a year	crt.sh
*.clickagy.com Amazon ECDSA 256 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Frame ID: 1769617131A644AE799CE644B1568556
Requests: 79 HTTP requests in this frame

Frame: https://explore.netspi.com/index.php/form/XDFrame
Frame ID: 1900C5B63C2CCEE29325F137B42B76DD
Requests: 2 HTTP requests in this frame

Frame: https://netspi.widget.insent.ai/?project_key=LzHbVnPnSAFA8zxSQwEB&blog_url=www.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&event_listener=7IGdS8xeeA8LhDD&marketo_cookies=[%22_mch-netspi.com-1714460626197-78248%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined&user_id=14743e76aff6477f71aa1714460627&_zitok=14743e76aff6477f71aa1714460627
Frame ID: 6F61905996E693D85F84898D50AC656E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=0tnmw1o&ref=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&upid=d0i5hby&upv=1.1.0
Frame ID: 868010013889CDD6E01357A7FE55581D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Magic Bytes – Identifying Common File Formats at a Glance

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

86
Requests

97 %
HTTPS

55 %
IPv6

20
Domains

31
Subdomains

30
IPs

5
Countries

1763 kB
Transfer

3759 kB
Size

25
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.netspi.com/blog/technical-blog/web-application-pentesting/magic-bytes-identifying-common-file-formats-at-a-glance/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&url=https://www.netspi.com/blog/technical-blog/web-application-pentesting/magic-bytes-identifying-common-file-formats-at-a-glance/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.netspi.com/blog/technical-blog/web-application-pentesting/magic-bytes-identifying-common-file-formats-at-a-glance/&title=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/netspi/

Search URL Search Domain Scan URL

URL: https://twitter.com/NetSPI

Search URL Search Domain Scan URL

URL: https://www.instagram.com/teamnetspi/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/netspi/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/NetSPILLC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1614116%26time%3D1714460626059%26url%3Dhttps%253A%252F%252Fwww.netspi.com%252Fblog%252Ftechnical%252Fweb-application-penetration-testing%252Fmagic-bytes-identifying-common-file-formats-at-a-glance%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ3RfAfZ6RRWwAAAY8t0Q-q6WPPlxyDtf9lUOH5IiwXfQ1Ic94WkPntc5ZL0TLGW72f6I4z5do

Request Chain 81

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:cc9653fce239f01df1fd9b9bda38c414&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1714460629819&ip=194.74.212.105&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D217023104868000645350 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=217023104868000645350 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:cc9653fce239f01df1fd9b9bda38c414

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ 114 KB
22 KB 683ms
319ms Document
text/html 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

67a2acd7d8b3cc61ac4e59eddb6e2a1d6307b10fe84dae58348b9c0dd2b6c12e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 07:03:43 GMT
link: <https://www.netspi.com/wp-json/>; rel="https://api.w.org/" <https://www.netspi.com/wp-json/wp/v2/posts/19852>; rel="alternate"; type="application/json" <https://www.netspi.com/?p=19852>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 style.min.css
www.netspi.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 183ms
180ms Stylesheet
text/css 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 23:45:48 GMT
server: nginx
etag: W/"6630312c-1bae5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tailwind.css
www.netspi.com/wp-content/themes/netspi/assets/css/ 69 KB
12 KB 164ms
161ms Stylesheet
text/css 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/css/tailwind.css?ver=6.5.2

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

96d172f89cd7e8cc1883a24e2c5646206d08cf5d0020b6883b72326bb2d5f65a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: W/"662f5f73-112b3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 main.css
www.netspi.com/wp-content/themes/netspi/assets/css/ 44 KB
7 KB 259ms
257ms Stylesheet
text/css 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

85c16807aa46209df1cef9d5d433f7090cfdc0b1842abe1c3852a715a199bf5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: W/"662f5f73-b041"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 enlighterjs.min.css
www.netspi.com/wp-content/plugins/enlighter/cache/ 85 KB
10 KB 260ms
258ms Stylesheet
text/css 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=3u8ujn1bPOn/RsD

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7b353c4eb717f25b63c61e713c91fdcc8f1822da8a5f29b474b8e8828ca762df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 20:52:18 GMT
server: nginx
etag: W/"66300882-153e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
www.netspi.com/wp-includes/js/jquery/ 86 KB
31 KB 262ms
260ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Thu, 09 Nov 2023 15:07:28 GMT
server: nginx
etag: W/"654cf5b0-15601"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
www.netspi.com/wp-includes/js/jquery/ 13 KB
5 KB 265ms
263ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Thu, 17 Aug 2023 20:42:59 GMT
server: nginx
etag: W/"64de8653-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wonderpluginvideoembed.js Show response
www.netspi.com/wp-content/plugins/wonderplugin-video-embed/engine/ 19 KB
5 KB 355ms
353ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/wonderplugin-video-embed/engine/wonderpluginvideoembed.js?ver=2.0

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4668869e9fa6de88c447a5d8589f5b4e1dd6bc1c384b27ad517629a0c2e86d02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Tue, 05 Mar 2024 15:29:00 GMT
server: nginx
etag: W/"65e73a3c-4c07"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 159ms
43ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3682479
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220022-FRA, cache-lga21983-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cplnrj5i0ggaq4u9arBaFZjXpVilB4%2Bel3wvsPWHvQx9J0FrJHDeSsRUJZBUaq%2FBnkESnCRpiA1eL9%2BzpCKF3j5VVpw%2BwtBb4l3xRQSc04NnCONzZieFaA5NiMHnDvVoJ%2B5PQ3%2F8NyL4%2Byngs4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87c5ac750c6463ed-LHR

GET
H3 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
2 KB 160ms
44ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3667127
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230023-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlQeNWBlRtPTDcxPKh6Y2e391ZBq%2BekfEz4nMiIXfAlDKnJQfE8vNZY24saMjX1j6KnxGCeM2QIK4CcAPo59PEVAlbAbwx1b4eSLPWr063iXtBHqkbIEifTJZZCZOXLO9WFnE1sSylFDE8bSicc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87c5ac750c6263ed-LHR

GET
H2 200 logo-1.svg
www.netspi.com/wp-content/uploads/2024/04/ 3 KB
2 KB 355ms
354ms Image
image/svg+xml 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/04/logo-1.svg

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

71bc82a96f363b7a9f72addb5313e652b8e32dca78fd2e2f9105226fe2e3a2b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:40:27 GMT
server: nginx
etag: W/"662f5cfb-b11"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 NetSPI-Platform_Nav.webp
www.netspi.com/wp-content/uploads/2024/04/ 13 KB
13 KB 355ms
354ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/04/NetSPI-Platform_Nav.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ae8dccb72b5211f2b09f34f88792b4d02fecfa68ab0cd8e4c3a5b0ed174c40b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:39:48 GMT
server: nginx
etag: "662f5cd4-34ec"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13548

GET
H2 200 Resources-Page_eBooks-Whitepapers.webp
www.netspi.com/wp-content/uploads/2024/03/ 4 KB
5 KB 263ms
262ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/03/Resources-Page_eBooks-Whitepapers.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

76445bfca8248f1a8d9de41d21883d905d83f1e578c744847fd0e07da806debf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:40:41 GMT
server: nginx
etag: "662f5d09-11fa"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4602

GET
H2 200 Blog-Feature-Images-06.webp
www.netspi.com/wp-content/uploads/2024/03/ 1008 B
1 KB 293ms
293ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/03/Blog-Feature-Images-06.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8c89e5d907927017585a04ac7752006a0bc18275950fab206b56c7249acada2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:40:35 GMT
server: nginx
etag: "662f5d03-3f0"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1008

GET
H2 200 Partner-Page_Nav.webp
www.netspi.com/wp-content/uploads/2024/04/ 8 KB
8 KB 292ms
287ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/04/Partner-Page_Nav.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

43b03636aee8f083adc26a2bf456c1511d817130906129c0789dab13f5b67b93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:39:54 GMT
server: nginx
etag: "662f5cda-1eaa"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7850

GET
H2 200 Blog-Feature-Images-03.webp
www.netspi.com/wp-content/uploads/2024/03/ 8 KB
8 KB 262ms
260ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/03/Blog-Feature-Images-03.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c31bd0f19e2107def0f40b01d84eb45e0869e22167e24a64ba0ff97de60219bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:40:34 GMT
server: nginx
etag: "662f5d02-1ece"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7886

GET
H2 200 Justin_Bytes_Blog_1.png
www.netspi.com/wp-content/uploads/2013/07/ 23 KB
23 KB 265ms
262ms Image
image/png 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2013/07/Justin_Bytes_Blog_1.png

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5ce28be97f34b57d6124513b5d10cafc5efc9cae8d11856aa1a6b1e4fede43c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 22 Feb 2022 12:53:10 GMT
server: nginx
etag: "6214dcb6-5c4d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23629

GET
H2 200 Justin_Bytes_Blog_2.png
www.netspi.com/wp-content/uploads/2013/07/ 23 KB
24 KB 266ms
264ms Image
image/png 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2013/07/Justin_Bytes_Blog_2.png

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

74b438f68f43b06e63c2481f13c757fbc1e6c197252236717ee331b6bb3b548f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 22 Feb 2022 12:53:10 GMT
server: nginx
etag: "6214dcb6-5d12"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23826

GET
H2 200 Justin_Bytes_Blog_3.png
www.netspi.com/wp-content/uploads/2013/07/ 23 KB
24 KB 267ms
265ms Image
image/png 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2013/07/Justin_Bytes_Blog_3.png

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

60a72380597eb6cb9e08499b795fddaca51f492a1c6fd3abdf532b6684ceea93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 22 Feb 2022 12:53:10 GMT
server: nginx
etag: "6214dcb6-5d69"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23913

GET
H2 200 Blog-Feature-Images-04.webp
www.netspi.com/wp-content/uploads/2024/03/ 9 KB
9 KB 261ms
259ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/03/Blog-Feature-Images-04.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8d3e6674332114c69cb60eab9335502fef927b6006b07a0139fdf2487dd826f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:40:34 GMT
server: nginx
etag: "662f5d02-22a6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8870

GET
H2 200 Blog-Feature-Images-10.webp
www.netspi.com/wp-content/uploads/2024/03/ 17 KB
17 KB 263ms
261ms Image
image/webp 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/03/Blog-Feature-Images-10.webp

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2ce5b9658f9af75a57593304603b35b2c1cfe2bef46dce7c9dcbee5428a7c4da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:40:36 GMT
server: nginx
etag: "662f5d04-4358"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17240

GET
H2 200 forms2.min.js Show response
explore.netspi.com/js/forms2/js/ 199 KB
67 KB 367ms
58ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://explore.netspi.com/js/forms2/js/forms2.min.js

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 4333
etag: "120022e-31af8-616bbc873ed80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 87c5ac7889a69562-LHR
expires: Tue, 30 Apr 2024 11:03:44 GMT

GET
H2 200 logo-2.svg
www.netspi.com/wp-content/uploads/2024/04/ 3 KB
2 KB 265ms
263ms Image
image/svg+xml 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/uploads/2024/04/logo-2.svg

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6c4f55f918407057b3de08e464d15b3e8f9f7c9a197b5e3c9f4ac7e0df43caa9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:40:27 GMT
server: nginx
etag: W/"662f5cfb-b18"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gdpr-cookie-consent-public.min.css
www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/css/ 46 KB
6 KB 362ms
358ms Stylesheet
text/css 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=3.1.0

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6a18781ed68182d00fc3c53f6f07a8d7fb0bdbde70c89796e7528e89c8b72856

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Fri, 19 Apr 2024 16:39:44 GMT
server: nginx
etag: W/"66229e50-b95a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gdpr-cookie-consent-public-custom.min.css
www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/css/ 0
225 B 270ms
266ms Stylesheet
text/css 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public-custom.min.css?ver=3.1.0

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 10:03:33 GMT
server: nginx
etag: "662f7075-0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 embed.min.js Show response
widget.tagembed.com/ 4 KB
2 KB 431ms
47ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.tagembed.com/embed.min.js?ver=5.1

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9427b5a7e6325220b12ef2818e5daeea24b453ac2c84d714e5f2bf13a545d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4571
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31f7551d64dfd1c6b938daf81d9f68b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4IZW%2F92zBS1OkeBc%2BB7ROGjnlFFXzMM0de3q6Lsqu0QcsvTrbMH5lNeFFVuGYqd0rXLiXkSlW9LEXWs1v6KPv%2BTjJAowOBYGwbI69bE6W4%2BUD5Y3ycGHwstvgzZRgsCH4dQ8uBf3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
cf-ray: 87c5ac78fafb24d1-LHR

GET
H3 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 44ms
41ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?ver=1.8.1

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3671881
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-lga21927-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRZbrkwoNa%2FYw3ekJcB4sJ%2BB8v87uP3gKqjNPUqWhuwZjMhFRzNx%2BCBXx88MtP678xScsRxyrCj5gVmTTd5Slze8OZkey5EXi0BrEnppgXnYtZXAMKU66BjKwqk28%2F41NWGm5oHgiFOgDIK1Mqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87c5ac769e4963ed-LHR

GET
H2 200 main.js Show response
www.netspi.com/wp-content/themes/netspi/assets/js/ 92 KB
19 KB 287ms
284ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/js/main.js

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

02b2b32a814a1f227043d5b9f78bc1c3152810208e2f8ec218f2cd2e9dc0e6e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:50:58 GMT
server: nginx
etag: W/"662f5f72-17079"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 enlighterjs.min.js Show response
www.netspi.com/wp-content/plugins/enlighter/cache/ 62 KB
18 KB 289ms
286ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=3u8ujn1bPOn/RsD

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 20:52:18 GMT
server: nginx
etag: W/"66300882-f756"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.bundle.js Show response
www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/ 223 KB
49 KB 260ms
256ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=3.1.0

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Fri, 19 Apr 2024 16:39:44 GMT
server: nginx
etag: W/"66229e50-37b1a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gdpr-cookie-consent-public.min.js Show response
www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/js/ 39 KB
8 KB 260ms
257ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=3.1.0%27%20async=%27async

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12a39e2f8f6e3370feb892aa37fbdb372e2d4b8c6fd4eeaeee6c695abff82052

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Fri, 19 Apr 2024 16:39:44 GMT
server: nginx
etag: W/"66229e50-9d9b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
BLOB 200
OK 41d89e7c-3b94-4849-8dfe-723987632737
https://www.netspi.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.netspi.com/41d89e7c-3b94-4849-8dfe-723987632737
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
102 KB 290ms
100ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2QXZJ3

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3d7ad12b5e26575638ce567d753e8c640379f9c243fadad1bbae1a167f4d39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103890
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Apr 2024 07:03:44 GMT

GET
H2 200 Systemia-Light.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 132 KB
133 KB 345ms
343ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/Systemia-Light.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d51720f0e2776240eb32dbee72b1f7575339298fe84e5fbd90ed6f61c746f452

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-211d8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 135640

GET
H2 200 Systemia-Semibold.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 132 KB
132 KB 345ms
344ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/Systemia-Semibold.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1aa235492307fc32a68f87b3b9a6dcc68dfe85ccd176d498b959e0d0e5c4f8ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-20ff8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 135160

GET
H2 200 Systemia-Medium.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 132 KB
132 KB 345ms
344ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/Systemia-Medium.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8d1429128b1d2a472af135cd0fb8be7b2dbe05e28ad5ad8f781e0e3e2e9d5660

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-21050"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 135248

GET
H2 200 Systemia-Regular.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 133 KB
133 KB 345ms
344ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/Systemia-Regular.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12c979aea1f9805e559aedcdac73e21fcf2aff852b3afd94f281858a857f9e8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-21200"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 135680

GET
H2 200 RobotoMono-Regular.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 123 KB
123 KB 344ms
343ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/RobotoMono-Regular.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7432e74ff02682c6e207be405f00381569ec96aa247d232762fe721ae41b39e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-1ea94"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 125588

GET
H2 200 Systemia-Bold.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 132 KB
132 KB 343ms
343ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/Systemia-Bold.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

88d9516344ee9330948beee567eefd7a8da9b8b58bef12556bbdbf630320cae9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-20e00"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 134656

GET
H2 200 lftracker_v1_4lZPGEjjaJyELpBk.js Show response
sc.lfeeder.com/ 30 KB
11 KB 384ms
103ms Script
application/javascript 2600:9000:2127:b600:4:d7e1:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_4lZPGEjjaJyELpBk.js
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b600:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22d9916f41ae31c44feae92841fc1d53284280b4fe3bb7a9c8ec9692a27d1b19

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3t4KHmw77exFrocot3VF6EZmtAMu9w6C
content-encoding: br
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 06:22:41 GMT
last-modified: Mon, 29 Apr 2024 13:43:22 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 2464
x-amz-server-side-encryption: AES256
etag: W/"ce58d4a95d0a8ec31c1aa9d5e2d44561"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: z3Rkx0gz-n3th16hbdo90JNsZHos0kALAEo_DtazSxqy_1qGwcUetw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
105 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVEZXBBWG7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QXZJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c905f2413a1e990eb88e59b7b22430976388bb3f24a74941869ad77e275f9a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Apr 2024 07:03:44 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 90ms
90ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1037035167&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QXZJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e15b7822f29544615fa3d39b2c7e2350806f80fd2ac38c8fa2a443b2c49f40a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81060
x-xss-protection: 0
last-modified: Tue, 30 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Apr 2024 07:03:44 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 1240ms
1079ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QXZJ3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9941d2ff1cc99d68acf87db2bf00d461644f6a6f222af62c2fba71be5a97b447

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-edgeconnect-origin-mex-latency: 160
date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Apr 2024 18:02:39 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=39530
accept-ranges: bytes
content-length: 17091

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 154ms
43ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2QXZJ3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 30 Apr 2024 07:03:44 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8747D4334C5448FB9E914FDB4710D59A Ref B: LON212050719021 Ref C: 2024-04-30T07:03:44Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 1350ms
109ms Script
application/x-javascript 104.68.89.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.89.134 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-89-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 07:03:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 checkbox.svg
www.netspi.com/wp-content/themes/netspi/assets/images/ 185 B
399 B 1220ms
1220ms Image
image/svg+xml 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/images/checkbox.svg

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

39c8d9c734bbef2017f08838db55e01590493fdf7533dd1878e41ff01d345c56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:50:58 GMT
server: nginx
etag: W/"662f5f72-b9"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 getForm Show response
explore.netspi.com/index.php/form/ 12 KB
3 KB 1404ms
1404ms Script
application/javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://explore.netspi.com/index.php/form/getForm?munchkinId=218-VHM-543&form=1490&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&callback=jQuery37107409528226224884_1714460624804&_=1714460624805
Requested by: Host: explore.netspi.com
URL: https://explore.netspi.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88e3e2e246579bd972a8af6437c7b5c76c10e7412588dd20b19c6e1fda75f70

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: c70a#18f2dd10925
x-marketo-source: Form Service
cf-ray: 87c5ac793a5d9562-LHR
cached: false

GET
H2 200 RobotoMono-Light.ttf
www.netspi.com/wp-content/themes/netspi/assets/fonts/ 126 KB
126 KB 1207ms
1207ms Font
application/octet-stream 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/fonts/RobotoMono-Light.ttf

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4f1220ab0b472ddaa9c7cb0057639ca685b6fab04aa85d9e130191970fa3557c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Origin: https://www.netspi.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:50:59 GMT
server: nginx
etag: "662f5f73-1f848"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 129096

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1037035167/ 4 KB
1 KB 1195ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1037035167/?random=1714460624928&cv=11&fst=1714460624928&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9167099490z878033417za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&hn=www.googleadservices.com&frm=0&tiba=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&npa=0&pscdl=noapi&auid=45684207.1714460625&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1037035167&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03bb41e28840e2b04be37373b251d29229da0eb272e6cbb94e50179992f38df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1510
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
tr-rc.lfeeder.com/ 43 B
294 B 1243ms
153ms Image
image/gif 65.9.95.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr-rc.lfeeder.com/?sid=4lZPGEjjaJyELpBk&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42Mi4zIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5uZXRzcGkuY29tL2Jsb2cvdGVjaG5pY2FsL3dlYi1hcHBsaWNhdGlvbi1wZW5ldHJhdGlvbi10ZXN0aW5nL21hZ2ljLWJ5dGVzLWlkZW50aWZ5aW5nLWNvbW1vbi1maWxlLWZvcm1hdHMtYXQtYS1nbGFuY2UvIiwicGFnZVRpdGxlIjoiTWFnaWMgQnl0ZXMg4oCTIElkZW50aWZ5aW5nIENvbW1vbiBGaWxlIEZvcm1hdHMgYXQgYSBHbGFuY2UiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjJhZDcwMzI4ZGIwY2JiMTEiLCJzY3JpcHRJZCI6IjRsWlBHRWpqYUp5RUxwQmsiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjUxNTJlMDQwN2FkZTI0NzguMTcxNDQ2MDYyNDk0MCIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJvbl9zY3JpcHRfbG9hZCJ9
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-3.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 6_v1MyV77LbeRCjoIGCdJW6ivqq3oCByAbcXjdacOcJ8DCrwXPXTfg==

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 1310ms
121ms Ping
text/plain 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BVEZXBBWG7&gtm=45je44t0v893812811z878033417za200&_p=1714460624395&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=270306456.1714460625&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714460624&sct=1&seg=0&dl=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&dt=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1640
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVEZXBBWG7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netspi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 1224ms
57ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BVEZXBBWG7&cid=270306456.1714460625&gtm=45je44t0v893812811z878033417za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVEZXBBWG7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netspi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.br/ads/ 42 B
63 B 1203ms
51ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.br/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BVEZXBBWG7&cid=270306456.1714460625&gtm=45je44t0v893812811z878033417za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1202378835

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 343117170.js Show response
bat.bing.com/p/action/ 0
117 B 1061ms
1061ms Script
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343117170.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 30 Apr 2024 07:03:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17825D3DE24E414AB0086A6C7591A7B2 Ref B: LON212050719021 Ref C: 2024-04-30T07:03:46Z
x-cache: CONFIG_NOCACHE

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-com...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1614116%26time%3D1714460626059%26url%3Dhttps%253A%252F%252Fwww.netspi.com%252Fblo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-com...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-co...

0
266 B

290ms
161ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ3RfAfZ6RRWwAAAY8t0Q-q6WPPlxyDtf9lUOH5IiwXfQ1Ic94WkPntc5ZL0TLGW72f6I4z5do
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.netspi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 07:03:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4762ADB42CE14004857C8729C9A66258 Ref B: LON04EDGE0919 Ref C: 2024-04-30T07:03:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXSvipfkVdkE78bnTFMg==

Redirect headers

date: Tue, 30 Apr 2024 07:03:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F0E45F91E96A44A8A8175A5390A35179 Ref B: LON04EDGE1015 Ref C: 2024-04-30T07:03:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1614116&time=1714460626059&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&cookiesTest=true&liSync=true&e_ipv6=AQJ3RfAfZ6RRWwAAAY8t0Q-q6WPPlxyDtf9lUOH5IiwXfQ1Ic94WkPntc5ZL0TLGW72f6I4z5do
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXSvilCxYjeDzirfjeDw==

GET
H2 200 wp-emoji-release.min.js Show response
www.netspi.com/wp-includes/js/ 18 KB
5 KB 126ms
126ms Script
application/javascript 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 23:45:48 GMT
server: nginx
etag: W/"6630312c-4926"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 caret-down.svg
www.netspi.com/wp-content/themes/netspi/assets/images/ 344 B
495 B 364ms
363ms Image
image/svg+xml 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netspi.com/wp-content/themes/netspi/assets/images/caret-down.svg

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1c6b369cdacf4dc7dda9f815f22482dbdbdb33febdc504178b6bf57d77c895f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/wp-content/themes/netspi/assets/css/main.css?ver=6.5.2
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
last-modified: Mon, 29 Apr 2024 08:50:58 GMT
server: nginx
etag: W/"662f5f72-158"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

POST
H2 200 admin-ajax.php Show response
www.netspi.com/wp-admin/ 1 B
429 B 359ms
358ms XHR
text/html 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-admin/admin-ajax.php

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: br
server: nginx
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.netspi.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
288 B 42ms
42ms Image
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343117170&tm=gtm002&Ver=2&mid=7b4cfebf-e645-484f-bf2e-0ac7c82da540&sid=c982a1c006bf11efb44825e59170ee0d&vid=c982c82006bf11efb01321a8bceebd0b&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&p=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&r=&lt=2738&evt=pageLoad&sv=1&rn=251541

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Apr 2024 07:03:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDE0C5F77D634646BD7873FE63DDDFA9 Ref B: LON212050719021 Ref C: 2024-04-30T07:03:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 44ms
42ms Script
application/x-javascript 104.68.89.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.89.134 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-89-134.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 07:03:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 08 Aug 2024 07:03:46 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1037035167/ 42 B
64 B 217ms
49ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1037035167/?random=1714460624928&cv=11&fst=1714460400000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9167099490z878033417za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&hn=www.googleadservices.com&frm=0&tiba=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&npa=0&pscdl=noapi&auid=45684207.1714460625&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqPKZ8Tklok9PuQRvvj8fXi6JBrleuAw&random=2835849431&rmt_tld=0&ipr=y

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.br/pagead/1p-user-list/1037035167/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.br/pagead/1p-user-list/1037035167/?random=1714460624928&cv=11&fst=1714460400000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9167099490z878033417za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&hn=www.googleadservices.com&frm=0&tiba=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&npa=0&pscdl=noapi&auid=45684207.1714460625&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqPKZ8Tklok9PuQRvvj8fXi6JBrleuAw&random=2835849431&rmt_tld=1&ipr=y

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
218-vhm-543.mktoresp.com/webevents/ 2 B
318 B 595ms
107ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://218-vhm-543.mktoresp.com/webevents/visitWebPage?_mchNc=1714460626198&_mchCn=&_mchId=218-VHM-543&_mchTk=_mch-netspi.com-1714460626197-78248&_mchHo=www.netspi.com&_mchPo=&_mchRu=%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 07:03:46 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d3918540-8e97-4575-bf51-f37acb58ef92

GET
H2 200 forms2.css
explore.netspi.com/js/forms2/css/ 13 KB
3 KB 45ms
44ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://explore.netspi.com/js/forms2/css/forms2.css

Requested by

Host: explore.netspi.com
URL: https://explore.netspi.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 3269
etag: "1200207-3437-616bbc873ed80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 87c5ac820b499562-LHR
content-length: 2623
expires: Tue, 30 Apr 2024 11:03:46 GMT

GET
H2 200 forms2-theme-simple.css
explore.netspi.com/js/forms2/css/ 826 B
365 B 43ms
43ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://explore.netspi.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: explore.netspi.com
URL: https://explore.netspi.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 3269
etag: "12001bf-33a-616bbc873ed80"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 87c5ac820b4a9562-LHR
content-length: 242
expires: Tue, 30 Apr 2024 11:03:46 GMT

GET
H2 200 XDFrame Show response
explore.netspi.com/index.php/form/ Frame 1900 2 KB
736 B 127ms
126ms Document
text/html 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://explore.netspi.com/index.php/form/XDFrame

Requested by

Host: explore.netspi.com
URL: https://explore.netspi.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38e8db6a8ec20b1058d400f4c9236e5014716f0442e90298b12d63b1a88437c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.netspi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 87c5ac82cbf79562-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 30 Apr 2024 07:03:46 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
explore.netspi.com/js/forms2/js/ Frame 1900 199 KB
0 1ms
0ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://explore.netspi.com/js/forms2/js/forms2.min.js

Requested by

Host: explore.netspi.com
URL: https://explore.netspi.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://explore.netspi.com/index.php/form/XDFrame
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2024 04:13:58 GMT
server: cloudflare
age: 4333
etag: "120022e-31af8-616bbc873ed80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 87c5ac7889a69562-LHR
expires: Tue, 30 Apr 2024 11:03:44 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
212 B 184ms
183ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.netspi.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B6E56C028FC845B59AF72B4E2E325AF4 Ref B: LON04EDGE1015 Ref C: 2024-04-30T07:03:47Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.netspi.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYXSvisT0NMSv0eghM6cw==

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 178ms
53ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7914b5c306a51678e7d777317f64c95d31437c47344063ec422c6bb2b4d9d718

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:47 GMT
x-amz-version-id: dVMibCEMTCuxskBoUeMfPfbdoSsUE0a9
via: 1.1 cd9356e27582317dbf5532faf4a88586.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: LHR62-C2
age: 75824
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Apr 2024 10:26:25 GMT
server: cloudflare
etag: W/"20a410e0e98a302abb9e907a2c7e0d10"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 87c5ac8909cadd13-LHR
x-amz-cf-id: a4epM9bTl2jyGEairj0nOYFbb1DUAMdql9XpqgH6NhEZ2EvYIfO5BA==

GET
H2 200 favicon.png
www.netspi.com/wp-content/uploads/2024/03/ 548 B
786 B 126ms
126ms Other
image/png 34.123.201.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netspi.com/wp-content/uploads/2024/03/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.123.201.87 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

87.201.123.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

30a47f7bce82ac3e4f3c918dbb5b3916ba998eb62a1f4b42957fad5c5804cb65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:47 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 29 Apr 2024 08:40:48 GMT
server: nginx
etag: "662f5d10-224"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 548

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 267 B
603 B 177ms
177ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 02bce09932864ee885477959d5f6c37d5dc9ed86e61fe29878947344d044affe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 902c55639d1679919580
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.netspi.com/
visited_url: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Response headers

date: Tue, 30 Apr 2024 07:03:47 GMT
via: 1.1 af0ad6fe38e7d108cc69818822aae89c.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: LHR62-C2
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: XBypIjUEvHcETxQ=
server: cloudflare
etag: W/"10b-MlwwgYmxCV3qdL8TL/L0d8oc538"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 87c5ac8b2f8c944b-LHR
x-amz-cf-id: QNWQXZiEGkgf1I6fn-fDxjdM-AXoJzzsvYMj2GN-IUYuhzzRy63cmw==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 273ms
178ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.netspi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: XBypHjPUPHcESIg=
cf-cache-status: DYNAMIC
cf-ray: 87c5ac8a0e31944b-LHR
date: Tue, 30 Apr 2024 07:03:47 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 f88c74b40ad8e84568ddecbc201037d4.cloudfront.net (CloudFront)
x-amz-cf-id: XNytg5Jcizh9MY4txjJ-PzXvOgaqclF5cSQzFgHDKGFnxk4wMN5sAA==
x-amz-cf-pop: LHR62-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 89 KB
27 KB 167ms
52ms Script
application/javascript 2606:4700::6810:752b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:752b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 1653
x-guploader-uploadid: ABPtcPr1sEkfpn-UdyFN0otrru-aGgFsXR-u16AbZCAGZkKCTFNbDcPCOGkDOrhS8DTGabwlqQoM-8rr1A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Apr 2024 11:22:28 GMT
server: cloudflare
etag: W/"d3b4774a46d8fd50ce9d458b28ae8ef3"
x-goog-hash: crc32c=Su6fug==, md5=07R3SkbY/VDOnUWLKK6O8w==
x-goog-generation: 1713352947933858
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91541
cf-ray: 87c5ac8d0df493dc-LHR
expires: Tue, 30 Apr 2024 07:36:15 GMT

GET
H2 200 insent Show response
netspi.widget.insent.ai/ 80 KB
23 KB 315ms
85ms Script
binary/octet-stream 2600:9000:2127:4800:f:7ae2:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://netspi.widget.insent.ai/insent
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4800:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Do3I7W1ZAWXrXjTz8nc5rLMLlRnTeriu
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 01:17:56 GMT
last-modified: Wed, 18 Oct 2023 08:56:44 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 20866
etag: "6c640d0008fb2a23a0ff942202f8657c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-length: 23142
x-amz-cf-id: DlqUO7p2Mis81QAmV9SEzLhD9TOlk1cW90VE9wnJ-LZq0bcArXT4kw==

GET
H3 200 / Show response
ws.zoominfo.com/pixel/Fa33QMviCG56ZRDkI7hZ/ 5 KB
2 KB 618ms
506ms Fetch
text/javascript 2606:4700::6810:762b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/Fa33QMviCG56ZRDkI7hZ/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c52a637262f56be3b303c55c10ee4814e03d04c6ee6476e99fe52600c4dc1c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Referer: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
_vtok: MTk0Ljc0LjIxMi4xMDU=
_zitok: 14743e76aff6477f71aa1714460627
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.netspi.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 87c5ac8f0e6e4883-LHR

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/Fa33QMviCG56ZRDkI7hZ/ Frame 0
0 312ms
191ms Preflight
text/html 2606:4700::6810:762b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/Fa33QMviCG56ZRDkI7hZ/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.netspi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.netspi.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87c5ac8d18e6dd82-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 30 Apr 2024 07:03:48 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 179ms
179ms Preflight
text/html 2606:4700::6810:762b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.netspi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.netspi.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87c5ac8d994cdd82-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 30 Apr 2024 07:03:48 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 2 B
379 B 241ms
192ms Fetch
application/json 2606:4700::6810:762b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: ws-assets.zoominfo.com
URL: https://ws-assets.zoominfo.com/formcomplete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 343bdc548baf614fb544ade874ca71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.netspi.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:48 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.netspi.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
content-length: 2
cf-ray: 87c5ac8f0e724883-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
netspi.widget.insent.ai/ Frame 6F61 0
0 270ms
86ms Document
text/html 2600:9000:2127:ce00:f:7ae2:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://netspi.widget.insent.ai/?project_key=LzHbVnPnSAFA8zxSQwEB&blog_url=www.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&event_listener=7IGdS8xeeA8LhDD&marketo_cookies=[%22_mch-netspi.com-1714460626197-78248%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined&user_id=14743e76aff6477f71aa1714460627&_zitok=14743e76aff6477f71aa1714460627
Requested by: Host: netspi.widget.insent.ai
URL: https://netspi.widget.insent.ai/insent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ce00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.netspi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 9758734
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Mon, 08 Jan 2024 08:18:15 GMT
etag: W/"cea936b357d0fefbe67f396ac27ecc71"
last-modified: Wed, 18 Oct 2023 08:56:50 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
x-amz-cf-id: dz243izpxOBolyjDDWeoeaPd4CXWYGTW8GPDMsIZuiAk7Rw9duvCNw==
x-amz-cf-pop: PRG50-C1
x-amz-version-id: wf2lJ.cKt7e1wlMSlpAOAV_K1ZPwVE5q
x-cache: Error from cloudfront

GET
H2 200 data.js Show response
tags.clickagy.com/ 36 KB
13 KB 275ms
58ms Script
application/javascript 2600:9000:2127:9e00:4:8491:f2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

Requested by

Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:9e00:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85b9dffd781e47c571a53afc2f594c53f9c49ebeadc9adc3fc720d4a6e3a688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 9OWM.Z0Dh.HHVWQAeO49BBTVx4LoDSWJ
content-encoding: gzip
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
date: Tue, 30 Apr 2024 06:00:09 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
age: 3847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 19:03:11 GMT
server: AmazonS3
etag: W/"9d6129b555ace3efebf194d38a3e562d"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: rXcIVSe6CTIv6y-h21qALdSN4i_Z8PGgmHk2s2iGOEFgpdyhRR_Obg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 10 KB
4 KB 295ms
103ms Script
application/x-javascript 65.9.99.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.netspi.com
URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-99-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 04:35:17 GMT
Content-Encoding: gzip
Via: 1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Apr 2024 19:49:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 8913
ETag: W/"d6f0435164aefe6cf324147b77c7b6bb"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Ta8b6H9riHE3UBgwfHrQXGnO05tVbd0u0pjtaPbwk4QQX40WrpiJkw==

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
505 B 492ms
204ms XHR
application/json 54.87.240.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.240.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-240-176.compute-1.amazonaws.com
Software: Aorta/20240426.386bdbeed /
Resource Hash: 4f419b027e9190090e16e711a5bc3e4fe9a27009744a399b562b64e7b0868e2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 30 Apr 2024 07:03:49 GMT
content-encoding: gzip
server: Aorta/20240426.386bdbeed
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.netspi.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 390f7072bb30
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

451

420246.gif
idsync.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:cc9653fce239f01df1fd9b9bda38c414&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1714460629819&ip=194.74.212.105&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D217023104868000645350
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=217023104868000645350
https://idsync.rlcdn.com/420246.gif?partner_uid=c:cc9653fce239f01df1fd9b9bda38c414

0
98 B

403ms
282ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:cc9653fce239f01df1fd9b9bda38c414
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.netspi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 07:03:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 30 Apr 2024 07:03:50 GMT
server: Aorta/20240426.386bdbeed
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:cc9653fce239f01df1fd9b9bda38c414
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 93ec733ce056
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame 8680 0
0 229ms
98ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=0tnmw1o&ref=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&upid=d0i5hby&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.netspi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Tue, 30 Apr 2024 07:03:49 GMT
server: Kestrel

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
325 B 473ms
188ms XHR
text/plain 52.7.48.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.7.48.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-48-84.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:03:49 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.netspi.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 50ms
49ms Ping
text/plain 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BVEZXBBWG7&gtm=45je44t0v893812811z878033417za200&_p=1714460624395&gcd=13l3l3l3l1&npa=0&dma=0&cid=270306456.1714460625&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1714460624&sct=1&seg=0&dl=https%3A%2F%2Fwww.netspi.com%2Fblog%2Ftechnical%2Fweb-application-penetration-testing%2Fmagic-bytes-identifying-common-file-formats-at-a-glance%2F&dt=Magic%20Bytes%20%E2%80%93%20Identifying%20Common%20File%20Formats%20at%20a%20Glance&en=10%25%20Scroll&_et=2264&tfd=8907
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVEZXBBWG7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.netspi.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 30 Apr 2024 07:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.netspi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.netspi.com/	1970-01-20 20:17:13	Name: pi_opt_in427532 Value: false
.explore.netspi.com/	1970-01-20 20:14:22	Name: __cf_bm Value: abCikoOKqE554SVXiaKBkIZqU37GBIp.UsnhvNCrljY-1714460624-1.0.1.1-0GQUJghrmDTFzQob4ZRyqzVFBdtkblN1NQkXVyvzHpfEwpJj7Z4QdHWsH7gn4Q2823B0lm7ew82Ja7rlX5oJ.w
.netspi.com/	1970-01-20 22:23:56	Name: _gcl_au Value: 1.1.45684207.1714460625
.netspi.com/	1970-01-21 04:59:56	Name: _lfa Value: LF1.1.5152e0407ade2478.1714460624940
.netspi.com/	1970-01-21 05:50:20	Name: _ga Value: GA1.1.270306456.1714460625
www.netspi.com/	1970-01-21 04:59:56	Name: wpl_user_preference Value: %7B%22necessary%22%3A%22yes%22%2C%22marketing%22%3A%22no%22%2C%22analytics%22%3A%22no%22%2C%22preferences%22%3A%22no%22%2C%22unclassified%22%3A%22no%22%7D
.netspi.com/	1970-01-20 20:15:47	Name: _uetsid Value: c982a1c006bf11efb44825e59170ee0d
.netspi.com/	1970-01-21 05:35:56	Name: _uetvid Value: c982c82006bf11efb01321a8bceebd0b
.doubleclick.net/	1970-01-20 20:14:21	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 05:35:56	Name: MUID Value: 0D622876D943643D0D7A3C07D8456552
.netspi.com/	1970-01-21 05:50:20	Name: _mkto_trk Value: id:218-VHM-543&token:_mch-netspi.com-1714460626197-78248
explore.netspi.com/	1969-12-31 23:59:59	Name: BIGipServerab62web-nginx-app_https Value: !qfjmA86fA9U6y6KkCIQPm+cqSAXSEYi8suYjX+9gYAjvfalctEjRBOHE7KID3oQIbn8syTzUuhDL1HE=
.linkedin.com/	1970-01-20 22:23:56	Name: li_sugr Value: 08b5c642-711d-4d5f-abe5-120babc8c3d6
.linkedin.com/	1970-01-21 04:59:56	Name: bcookie Value: "v=2&19b15a46-98ca-42d5-8029-779957761512"
.linkedin.com/	1970-01-20 20:15:47	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3010:u=1:x=1:i=1714460626:t=1714547026:v=2:sig=AQFJ5sWsFmTD6icG6ecrkq2zPw0-oG-8"
.linkedin.com/	1970-01-20 20:57:32	Name: UserMatchHistory Value: AQKJWYrpPitDVgAAAY8t0Q5VJEmW_dGZ5Y0k625vJxJyil1iVAnqnEXa3-ZzzMF-n5_tWNT2JynEIw
.linkedin.com/	1970-01-20 20:57:32	Name: AnalyticsSyncHistory Value: AQLHIz6xmDKaOQAAAY8t0Q5VXDb12fx2QA6mZ6EYjXk626KtXzpWxZwEPJvrJxs9qG7p4X1X-vQBCEZfgnWmcA
.www.linkedin.com/	1970-01-21 04:59:56	Name: bscookie Value: "v=1&2024043007034651f0c688-59e6-4f86-8352-52572e4857d0AQHRcW4sJuURsSOcLNpIl0lDxt_KM40W"
.linkedin.com/	1970-01-21 00:33:32	Name: li_gc Value: MTswOzE3MTQ0NjA2MjY7MjswMjFRzH9JTz6ZHdL9iJQF/uEBSn/rgJhe6iobX8qzZ9Z/hA==
.netspi.com/	1970-01-21 05:50:20	Name: _ga_BVEZXBBWG7 Value: GS1.1.1714460624.1.0.1714460627.57.0.0
.www.netspi.com/	1970-01-21 04:59:56	Name: _zitok Value: 14743e76aff6477f71aa1714460627
.zoominfo.com/	1970-01-20 20:14:22	Name: __cf_bm Value: tRGR5EiXzHYNPlEXAENcKyickn4j1uUz8Hmm5AmXReA-1714460628-1.0.1.1-f0eC0C4xuupyJH774PdY5Sd83Qx8vM4UYnRY50A8kl3jNkbzBhqAqDoOdYUeI5apbI0AzPNdUhGk.r9gNd7w4w
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: JYV11PYVnG.1c9rC8ZwrwP30IYzRW1djTj8YQ5KrUew-1714460628027-0.0.1.1-604800000
.agkn.com/	1970-01-21 04:59:56	Name: ab Value: 0001%3Asu6NZoyj4%2BFmALDALqd9WvDxKUIXJRoi
.agkn.com/	1970-01-21 04:59:56	Name: u Value: C\|0AAAAAAAALcNUVgAAAAAA

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:cc9653fce239f01df1fd9b9bda38c414 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.netspi.com/blog/technical/web-application-penetration-testing/magic-bytes-identifying-common-file-formats-at-a-glance/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

218-vhm-543.mktoresp.com
aa.agkn.com
analytics.google.com
aorta.clickagy.com
bat.bing.com
cdn.jsdelivr.net
d.agkn.com
explore.netspi.com
googleads.g.doubleclick.net
hemsync.clickagy.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.zi-scripts.com
munchkin.marketo.net
netspi.widget.insent.ai
px.ads.linkedin.com
px4.ads.linkedin.com
sc.lfeeder.com
snap.licdn.com
stats.g.doubleclick.net
tags.clickagy.com
tr-rc.lfeeder.com
widget.tagembed.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.google.com
www.google.com.br
www.googletagmanager.com
www.linkedin.com
www.netspi.com
104.16.93.80
104.68.89.134
13.107.42.14
172.64.150.44
192.28.144.124
2600:9000:2127:4800:f:7ae2:7780:93a1
2600:9000:2127:9e00:4:8491:f2c0:93a1
2600:9000:2127:b600:4:d7e1:700:93a1
2600:9000:2127:ce00:f:7ae2:7780:93a1
2606:4700::6810:5914
2606:4700::6810:752b
2606:4700::6810:762b
2620:1ec:21::14
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c09::9d
2a01:111:202c::237
2a02:26f0:3500:16::215:148d
2a06:98c1:3121::3
3.77.215.189
34.123.201.87
35.244.174.68
52.223.40.198
52.28.240.94
52.7.48.84
54.87.240.176
65.9.95.3
65.9.99.119
02b2b32a814a1f227043d5b9f78bc1c3152810208e2f8ec218f2cd2e9dc0e6e7
02bce09932864ee885477959d5f6c37d5dc9ed86e61fe29878947344d044affe
03bb41e28840e2b04be37373b251d29229da0eb272e6cbb94e50179992f38df6
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
12a39e2f8f6e3370feb892aa37fbdb372e2d4b8c6fd4eeaeee6c695abff82052
12c979aea1f9805e559aedcdac73e21fcf2aff852b3afd94f281858a857f9e8d
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1aa235492307fc32a68f87b3b9a6dcc68dfe85ccd176d498b959e0d0e5c4f8ee
1c6b369cdacf4dc7dda9f815f22482dbdbdb33febdc504178b6bf57d77c895f1
22d9916f41ae31c44feae92841fc1d53284280b4fe3bb7a9c8ec9692a27d1b19
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2ce5b9658f9af75a57593304603b35b2c1cfe2bef46dce7c9dcbee5428a7c4da
30a47f7bce82ac3e4f3c918dbb5b3916ba998eb62a1f4b42957fad5c5804cb65
39c8d9c734bbef2017f08838db55e01590493fdf7533dd1878e41ff01d345c56
3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd
43b03636aee8f083adc26a2bf456c1511d817130906129c0789dab13f5b67b93
4668869e9fa6de88c447a5d8589f5b4e1dd6bc1c384b27ad517629a0c2e86d02
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f1220ab0b472ddaa9c7cb0057639ca685b6fab04aa85d9e130191970fa3557c
4f419b027e9190090e16e711a5bc3e4fe9a27009744a399b562b64e7b0868e2a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5ce28be97f34b57d6124513b5d10cafc5efc9cae8d11856aa1a6b1e4fede43c3
5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4
5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60a72380597eb6cb9e08499b795fddaca51f492a1c6fd3abdf532b6684ceea93
67a2acd7d8b3cc61ac4e59eddb6e2a1d6307b10fe84dae58348b9c0dd2b6c12e
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6a18781ed68182d00fc3c53f6f07a8d7fb0bdbde70c89796e7528e89c8b72856
6c4f55f918407057b3de08e464d15b3e8f9f7c9a197b5e3c9f4ac7e0df43caa9
71bc82a96f363b7a9f72addb5313e652b8e32dca78fd2e2f9105226fe2e3a2b8
7432e74ff02682c6e207be405f00381569ec96aa247d232762fe721ae41b39e2
74b438f68f43b06e63c2481f13c757fbc1e6c197252236717ee331b6bb3b548f
76445bfca8248f1a8d9de41d21883d905d83f1e578c744847fd0e07da806debf
7914b5c306a51678e7d777317f64c95d31437c47344063ec422c6bb2b4d9d718
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7ae8dccb72b5211f2b09f34f88792b4d02fecfa68ab0cd8e4c3a5b0ed174c40b
7b353c4eb717f25b63c61e713c91fdcc8f1822da8a5f29b474b8e8828ca762df
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
85b9dffd781e47c571a53afc2f594c53f9c49ebeadc9adc3fc720d4a6e3a688b
85c16807aa46209df1cef9d5d433f7090cfdc0b1842abe1c3852a715a199bf5e
88d9516344ee9330948beee567eefd7a8da9b8b58bef12556bbdbf630320cae9
8c89e5d907927017585a04ac7752006a0bc18275950fab206b56c7249acada2d
8d1429128b1d2a472af135cd0fb8be7b2dbe05e28ad5ad8f781e0e3e2e9d5660
8d3e6674332114c69cb60eab9335502fef927b6006b07a0139fdf2487dd826f5
96d172f89cd7e8cc1883a24e2c5646206d08cf5d0020b6883b72326bb2d5f65a
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9941d2ff1cc99d68acf87db2bf00d461644f6a6f222af62c2fba71be5a97b447
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d31599822dae1353d655633c6dbd9454ef2138d172798f4a91119eedd6d89d
b9649e0e9e5790f8d6b5e69aa4ff9969e8f7d72a84f8501ff9379078005124d8
c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8
c31bd0f19e2107def0f40b01d84eb45e0869e22167e24a64ba0ff97de60219bb
c38e8db6a8ec20b1058d400f4c9236e5014716f0442e90298b12d63b1a88437c
c52a637262f56be3b303c55c10ee4814e03d04c6ee6476e99fe52600c4dc1c57
c905f2413a1e990eb88e59b7b22430976388bb3f24a74941869ad77e275f9a40
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d51720f0e2776240eb32dbee72b1f7575339298fe84e5fbd90ed6f61c746f452
d88e3e2e246579bd972a8af6437c7b5c76c10e7412588dd20b19c6e1fda75f70
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e15b7822f29544615fa3d39b2c7e2350806f80fd2ac38c8fa2a443b2c49f40a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d7ad12b5e26575638ce567d753e8c640379f9c243fadad1bbae1a167f4d39e
fd9427b5a7e6325220b12ef2818e5daeea24b453ac2c84d714e5f2bf13a545d8

www.netspi.com Open in urlscan Pro 34.123.201.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

97 %HTTPS

55 %IPv6

20 Domains

31 Subdomains

30 IPs

5 Countries

1763 kBTransfer

3759 kBSize

25 Cookies

8 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.netspi.com Open in urlscan Pro
34.123.201.87 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

97 %
HTTPS

55 %
IPv6

20
Domains

31
Subdomains

30
IPs

5
Countries

1763 kB
Transfer

3759 kB
Size

25
Cookies

86 HTTP transactions
0 data transactions