www.huntress.com Open in urlscan Pro
199.60.103.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://list-manage.agle1.cc/click?u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&c=526701...
Effective URL:
https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Submission: On March 21 via manual (March 21st 2023, 7:25:34 am UTC) from AU — Scanned from AU

Summary HTTP 184 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 32 domains to perform 184 HTTP transactions. The main IP is 199.60.103.228, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.huntress.com. The Cisco Umbrella rank of the primary domain is 942183.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2022. Valid for: a year.

This is the only time www.huntress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.251.12.121 142.251.12.121	15169 (GOOGLE) (GOOGLE)
37	199.60.103.228 199.60.103.228	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	42.99.140.211 42.99.140.211	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1	104.17.243.204 104.17.243.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.19.154.83 104.19.154.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.52.112.115 23.52.112.115	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.223.90 104.18.223.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.154.216 172.64.154.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.139.124.58 34.139.124.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	54.225.3.167 54.225.3.167	14618 (AMAZON-AES) (AMAZON-AES)
6	104.16.89.5 104.16.89.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.75.165.244 104.75.165.244	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
36	74.125.24.136 74.125.24.136	15169 (GOOGLE) (GOOGLE)
1	13.225.103.94 13.225.103.94	16509 (AMAZON-02) (AMAZON-02)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
2	192.229.237.25 192.229.237.25	15133 (EDGECAST) (EDGECAST)
1	104.17.115.176 104.17.115.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.130.171 104.17.130.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.233.204 104.17.233.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.69.176 104.17.69.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.33.171 104.18.33.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.85.5 104.16.85.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4 8	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
4	172.253.118.149 172.253.118.149	15169 (GOOGLE) (GOOGLE)
16	142.251.12.95 142.251.12.95	15169 (GOOGLE) (GOOGLE)
4	74.125.68.99 74.125.68.99	15169 (GOOGLE) (GOOGLE)
4	142.251.12.119 142.251.12.119	15169 (GOOGLE) (GOOGLE)
4	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
1	13.225.103.106 13.225.103.106	16509 (AMAZON-02) (AMAZON-02)
8	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
1	176.34.148.185 176.34.148.185	16509 (AMAZON-02) (AMAZON-02)
184	37

1 142.251.12.121 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f121.1e100.net

list-manage.agle1.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 199.60.103.228 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.huntress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.211 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-211.pacnet.net

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.243.204 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.112.115 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.223.90 (None, )

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.216 (United States)

ASN13335 (CLOUDFLARENET, US)

3911692.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.139.124.58 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.124.139.34.bc.googleusercontent.com

webhooks.fivetran.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.225.3.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-3-167.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.89.5 (None, )

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.165.244 (Kowloon, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-75-165-244.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 74.125.24.136 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f136.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.103.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-94.hkg60.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.237.25 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.115.176 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.130.171 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.233.204 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.69.176 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.171 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.5 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.68.156 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.118.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f149.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.68.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.119 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f119.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.103.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-106.hkg60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.148.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-148-185.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	huntress.com www.huntress.com — Cisco Umbrella Rank: 942183	999 KB
36	youtube.com www.youtube.com — Cisco Umbrella Rank: 82	3 MB
16	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 215	122 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	189 KB
12	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 static.doubleclick.net — Cisco Umbrella Rank: 241	2 KB
8	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 10083 app.hubspot.com — Cisco Umbrella Rank: 5247 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 9851 track.hubspot.com — Cisco Umbrella Rank: 2140	6 KB
7	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 10723 forms.hsforms.com — Cisco Umbrella Rank: 3785 forms-na1.hsforms.com — Cisco Umbrella Rank: 6124	4 KB
5	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 11317 scout.salesloft.com — Cisco Umbrella Rank: 13430	4 KB
4	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	12 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	343 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	57 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1981	16 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 771 syndication.twitter.com — Cisco Umbrella Rank: 1148	132 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 607 script.hotjar.com — Cisco Umbrella Rank: 738 in.hotjar.com — Cisco Umbrella Rank: 1662	72 KB
3	hubspotusercontent-na1.net 3911692.fs1.hubspotusercontent-na1.net	95 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	25 KB
3	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1587 m.addthis.com — Cisco Umbrella Rank: 1573	141 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4449 forms.hscollectedforms.net — Cisco Umbrella Rank: 4631	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	89 KB
2	fivetran.com webhooks.fivetran.com — Cisco Umbrella Rank: 55630	325 B
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4452	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	35 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	35 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1766	207 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1977	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3917	87 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2929	3 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 426	1 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 7416	2 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3044	160 KB
1	agle1.cc 1 redirects list-manage.agle1.cc	228 B
0	hotjar.io Failed content.hotjar.io Failed
184	32

	Domain	Requested by
37	www.huntress.com	www.huntress.com
36	www.youtube.com	www.huntress.com www.youtube.com
16	jnn-pa.googleapis.com	www.youtube.com
8	www.gstatic.com	www.youtube.com www.gstatic.com
8	googleads.g.doubleclick.net	4 redirects www.youtube.com
8	fonts.gstatic.com	www.youtube.com
5	track.hubspot.com
4	yt3.ggpht.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	www.google.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	perf.hsforms.com	www.huntress.com
4	scout.salesloft.com	scout-cdn.salesloft.com
3	js.hs-banner.com	www.huntress.com js.hs-banner.com
3	3911692.fs1.hubspotusercontent-na1.net	www.huntress.com
3	cdnjs.cloudflare.com	www.huntress.com
2	forms.hsforms.com	www.huntress.com
2	platform.twitter.com	www.huntress.com platform.twitter.com
2	connect.facebook.net	www.huntress.com connect.facebook.net
2	webhooks.fivetran.com	cdn.jsdelivr.net
2	dev.visualwebsiteoptimizer.com	www.huntress.com
2	cdn.jsdelivr.net	www.huntress.com
2	s7.addthis.com	www.huntress.com s7.addthis.com
2	code.jquery.com	www.huntress.com
1	in.hotjar.com	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	syndication.twitter.com	platform.twitter.com
1	forms-na1.hsforms.com	www.huntress.com
1	cta-service-cms2.hubspot.com	www.huntress.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	app.hubspot.com	www.huntress.com
1	js.hs-analytics.net	www.huntress.com
1	js.hsleadflows.net	www.huntress.com
1	js.hscollectedforms.net	www.huntress.com
1	js.hsadspixel.net	www.huntress.com
1	static.hotjar.com	www.huntress.com
1	z.moatads.com	s7.addthis.com
1	scout-cdn.salesloft.com	www.huntress.com
1	no-cache.hubspot.com	www.huntress.com
1	cdn2.hubspot.net	www.huntress.com
1	platform.linkedin.com	www.huntress.com
1	list-manage.agle1.cc	1 redirects
0	content.hotjar.io Failed	script.hotjar.com
184	45

This site contains links to these domains. Also see Links.

Domain
huntress.io
support.huntress.io
msrc.microsoft.com
twitter.com
support.microsoft.com
www.youtube.com
www.trustedsec.com
github.com
www.mdsec.co.uk
delivr.to
www.nextron-systems.com
learn.microsoft.com
drive.google.com
www.microsoft.com
www.linkedin.com
www.facebook.com
www.bizratings.com

Subject Issuer	Validity	Valid
www.huntress.com Cloudflare Inc ECC CA-3	`2022-11-21` - `2023-11-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-16` - `2023-04-14`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
webhooks.fivetran.com R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-28`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Frame ID: 4EA245D4CFFCD6F7901753FE61EFDB0D
Requests: 90 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Qh5BPsf_NMo
Frame ID: 063090CF9E091FAF1BDA40687A3CEB28
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zqnCa6MztZU
Frame ID: 8974EB5AC47DA34E0F1D497FB1196626
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c21CsdO7iCE
Frame ID: 9AB94D68DA10791BEE76A39F8C42A52F
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WMFAwLX_O0o
Frame ID: CABD8033D6E42A1550040BC726C19D92
Requests: 21 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2FA697457892D3582DBFEE6987F11624
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B09E2010CE2E5C73930AABB6BAC83968
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.huntress.com
Frame ID: CB559975022F63E9DC37660D62E2D1BB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Everything We Know About CVE-2023-23397

Page URL History Show full URLs

https://list-manage.agle1.cc/click?u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve... HTTP 302
https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397 Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

184
Requests

97 %
HTTPS

0 %
IPv6

32
Domains

45
Subdomains

37
IPs

6
Countries

6055 kB
Transfer

18674 kB
Size

28
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://huntress.io/
Title: Partner Login Access Your Huntress Dashboard

Search URL Search Domain Scan URL

URL: https://support.huntress.io/
Title: Support Documentation Technical Product Support, FAQs & More

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397
Title: CVE-2023-23397

Search URL Search Domain Scan URL

URL: https://twitter.com/_JohnHammond/status/1637911522973487104
Title: John Hammond

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann/status/1637914038989475843
Title: Will Dormann

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/office/turn-sound-effects-on-or-off-in-outlook-e37d6cb4-5313-4d60-87fd-c4a7c2e4df59
Title: turning off the "Show reminders" setting in Outlook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@MSPMediaNetwork
Title: MSP Media Network

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
Title: official advisory

Search URL Search Domain Scan URL

URL: https://twitter.com/domchell/status/1636742613121236992
Title: reported

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann/status/1636741880674222081
Title: local hostname

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/
Title: publishes a blog post suggesting mitigation efforts

Search URL Search Domain Scan URL

URL: https://twitter.com/HackingLZ
Title: Justin Elze

Search URL Search Domain Scan URL

URL: https://www.trustedsec.com/
Title: TrustedSec

Search URL Search Domain Scan URL

URL: https://twitter.com/HackingLZ/status/1635734777356603393
Title: suggests testing

Search URL Search Domain Scan URL

URL: https://github.com/Sicos1977/MsgKit
Title: MsgKit

Search URL Search Domain Scan URL

URL: https://twitter.com/domchell
Title: Dominic Chell

Search URL Search Domain Scan URL

URL: https://www.mdsec.co.uk/
Title: MDSec Labs

Search URL Search Domain Scan URL

URL: https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/
Title: first public writeup

Search URL Search Domain Scan URL

URL: https://twitter.com/ACEResponder
Title: ACE Responder

Search URL Search Domain Scan URL

URL: https://twitter.com/ACEResponder/status/1636116096506818562
Title: detection efforts

Search URL Search Domain Scan URL

URL: https://delivr.to/
Title: Delivr.to

Search URL Search Domain Scan URL

URL: https://twitter.com/delivr_to/status/1636074273478459395
Title: shares

Search URL Search Domain Scan URL

URL: https://delivr.to/payloads?id=494a2718-a012-45d5-9fe8-27465b0c1809
Title: the first public testing proof-of-concept

Search URL Search Domain Scan URL

URL: https://github.com/delivr-to/detections/blob/main/yara-rules/msg_cve_2023_23397.yar
Title: YARA rules

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann
Title: Will Dormann

Search URL Search Domain Scan URL

URL: https://twitter.com/wdormann/status/1636497737528102912
Title: explores the potential

Search URL Search Domain Scan URL

URL: https://twitter.com/cyb3rops
Title: Florian Roth

Search URL Search Domain Scan URL

URL: https://www.nextron-systems.com/
Title: Nextron Systems

Search URL Search Domain Scan URL

URL: https://twitter.com/cyb3rops/status/1636492182210199555
Title: begins developing a Sigma rule

Search URL Search Domain Scan URL

URL: https://twitter.com/Oddvarmoe
Title: Oddvar Moe

Search URL Search Domain Scan URL

URL: https://github.com/api0cradle/CVE-2023-23397-POC-Powershell
Title: standalone PowerShell proof-of-concept

Search URL Search Domain Scan URL

URL: https://github.com/microsoft/CSS-Exchange/blob/a4c096e8b6e6eddeba2f42910f165681ed64adf7/docs/Security/CVE-2023-23397.md
Title: PowerShell script

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidlidreminderfileparameter-canonical-property
Title: PidLidReminderFileParameter

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidlidreminderoverride-canonical-property
Title: PidLidReminderOverride

Search URL Search Domain Scan URL

URL: https://twitter.com/aceresponder/status/1636116096506818562
Title: ACE Responder

Search URL Search Domain Scan URL

URL: https://drive.google.com/drive/folders/1G6OMV5bzMJSrlwqLwkkRgep6I0mGs502?usp=sharing
Title: here.

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group
Title: Protected Users Security Group

Search URL Search Domain Scan URL

URL: https://twitter.com/GregAke
Title: Greg Ake

Search URL Search Domain Scan URL

URL: https://github.com/huntresslabs/threat-intel/blob/main/2023/2023-03/cve-23397/win_cve_23397_davclnt_wav.yml
Title: a Sigma rule

Search URL Search Domain Scan URL

URL: https://twitter.com/elceef/status/1636371173222260737
Title: @elceef shared a YARA rule

Search URL Search Domain Scan URL

URL: https://twitter.com/atn1ght1/status/1636484569753956355/photo/1
Title: @atn1ght1 shared a great visual representation

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download/details.aspx?id=36036
Title: Microsoft offers guidance

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntress-labs/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/huntresslabs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/huntresslabs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Huntress/featured
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.bizratings.com/Huntress-Labs-Incorporated
Title: BizRatings

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://list-manage.agle1.cc/click?u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&c=5267013717262336&s=6219240973533184&ns=ccpcrm HTTP 302
https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 122

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 135

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 138

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

184 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request everything-we-know-about-cve-2023-23397 Show response
www.huntress.com/blog/
Redirect Chain

https://list-manage.agle1.cc/click?u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&c=5267013717262336&s=6219240973533184&ns=ccpcrm
https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

152 KB
28 KB

449ms
136ms

Document
text/html

199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c5b115d3add1695dfb3e5c6f2ad3ba4ff7fc27e76b7247a1958a609eb2b3ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 7ab475e19bfca81f-SYD
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 07:25:21 GMT
edge-cache-tag: CT-106349208167,CT-106809771290,CT-63932328756,CT-74847633462,CG-39343107504,P-3911692,L-37647219354,L-38940492861,L-97832688913,CW-37647184945,CW-37647219358,CW-37648091485,CW-37648262592,CW-72308060713,CW-97827380338,E-37640723000,E-37647164007,E-37647184944,E-67886983812,MENU-38395296852,MENU-38397117900,PGS-ALL,SW-4,B-39343107504,GC-38395296829,GC-97827380396
etag: W/"0a869bb3105f495251b19c32ff55be5e"
last-modified: Mon, 20 Mar 2023 23:27:15 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaN86zvkurOCywQSG5%2BOO2%2F1Aq44TOviJaSgyZQ8QRYDInXTYrgD9AJimbX4jwXQ%2FPcKvxla8BeDLloWrDPA27DGMiLpeTRmy7YZNyPhleYulqEVlNWOZgGgr%2BkyqPj5cWM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: sameorigin
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 106809771290
x-hs-hub-id: 3911692
x-hs-prerendered: Mon, 20 Mar 2023 23:27:15 GMT

Redirect headers

content-length: 0
content-type: text/plain
date: Tue, 21 Mar 2023 07:25:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
server: Google Frontend
x-cloud-trace-context: 681ba1ff8be863efd9d4f668af8258de;o=1

GET
H2 200 module_97827380338_POWER_Header_V2c.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1676562421744/ 7 KB
2 KB 136ms
131ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1676562421744/module_97827380338_POWER_Header_V2c.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c14d9ab83afefac27b8b16689d2d1444e1d0d93ad55bbd1a55895fccfef24f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 68261aebcfc232344da2ef3bf1d3f9ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: SAGWwmpNT4Ce834E44U7VqSnpf14PdPD
age: 949
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: NTQV0ZZT3B51WX04
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: m6cKNjuuJkhRoeMx7nTO/1iGFcZhWZmVNHWD+UmR00pRyUp31Cw62MY7AK6CdqcZ29qi+kAK2Us=
last-modified: Thu, 16 Feb 2023 15:47:02 GMT
server: cloudflare
etag: W/"9be42df21680f40ed61ab094e7f3caf6"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1676562421744
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=In0j7EBXDAmr%2Fs66L7y4rMF7Fc705JlYdsdLns27zFnq6%2BEIRHns7z0EvHYo5%2F02mRylizEIjowHQLnGzEUxvofh1WumhaXzN6UHDQ2aCtlMNGVvshH25TpYs9B3ZgAbSMA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28ce9a81f-SYD
x-amz-cf-id: e--fUbPvVjmrpZYFraLTLVj6ue8S-gE_gHQqX7aWGeWj2iWYsOqlcQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_37647219358_POWER_Blog_Post_Header.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/ 74 B
737 B 140ms
135ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/module_37647219358_POWER_Blog_Post_Header.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 49upZA48BAIxdOk80QHxcPVW7u781vZq
age: 949
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: XGQE23MR17ZQGM1J
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kAE4VfQpu3OpWXsfiJucqqa65jjelpCJKng3kgqkNJ9EL97oG1BiM9tRq6/xmINPrqsyDhJ+Xrc=
last-modified: Thu, 09 Dec 2021 06:55:09 GMT
server: cloudflare
etag: W/"69dec35879b2f3061c26e9b58f93b109"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1639032908209
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyQ1VnYQR0kYBmOgJwJcJF9LeBuLbPE%2F2uUiU0MzeLlwD4azmXkElExpsVNaXhpI5WG3PFG1dTx2LzjaBitV01jTv0nKwAzuaTG8MBhKRZkhgNud39tLMOBctPcT7VmJ03I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28ceaa81f-SYD
x-amz-cf-id: DalSg97uNocgzY1kBxr9TVJ0FHMKh7RNXvnr_8H24a813ZNf-kpfWA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_37648262592_POWER_Blog_Post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888770/ 3 KB
1 KB 128ms
123ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888770/module_37648262592_POWER_Blog_Post.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: sLM6hNVINivm4kGFb2j1Qp1W3F_bHazx
age: 949
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: YF9RGDMB5KWMGS7A
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DVVr48bIUvLC0UD/7YnntrDGtYKKP5kMbOr8apIZaA74frovIk2hDg0wvHgHCPsEWGPncYgxHlw=
last-modified: Wed, 25 Jan 2023 17:48:09 GMT
server: cloudflare
etag: W/"32d40d380ad9ef9fa7e8201229f3af48"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1674668888770
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIJs7YjF0%2BORyaS6XmOvhDAq4etS6W%2BrmHc6WPfVdJKC2tTZQZA7iath8XINo96ZXqGuYjpuTdKfEa0MVjL%2BY2ZI8Zum677FPvN%2B%2BsluuLMRTpQ1q3iC0tpMelIokhzIfwU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28ceca81f-SYD
x-amz-cf-id: DSNX5vEBReLWHhHiAjHM-Fsf5l6k5jW_WrE4OJtyr2EHthQm3u2foQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_72308060713_Blog_Related_post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/ 980 B
1 KB 126ms
121ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/module_72308060713_Blog_Related_post.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PvcH1mnBAoQZmMyjaqQqh_SH9bmBXz5d
age: 948
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: ZS2924PCDQDDR8FJ
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: oeOuT769hT9m9+fDc7npbwXtTd+jY534I8Yjbj4ZAWFbYKXrfqhgF6guyXJAO99HY9YGO+WsZes=
last-modified: Mon, 21 Nov 2022 15:19:04 GMT
server: cloudflare
etag: W/"367408b281056af8212339a4673151f1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669043943698
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chBAvzpp56G6CKkugAX8u18cdx0LJgBtQqe5vU6vJiA9MzOMMUIhl0zMVOr3cOrKAKMEIGWvxWJ9kSOgnQVD941nDl1l%2FktS8nf%2FGKcgcxIowjPp0Y8a5ptsEfs8pjTEftY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28ceda81f-SYD
x-amz-cf-id: 9blcRQTgxCh7i9_2nKH2B3FsQ3iqzskIvlkRyAnOYfPsUU_EmcCaOQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_37648091485_POWER_Footer_Full.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1674666344441/ 161 B
1 KB 158ms
153ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1674666344441/module_37648091485_POWER_Footer_Full.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b355e659eb1f476e9bb8b33c109b4c47718d902e483db104fcfea35cfc8a5584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: IXDFPhC61haDVWMg3tDQdN4OwCCIYt0V
age: 949
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: Q1XS01ZGGXW8Z66W
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9ikZIcKCk72uhtNpwKwidA9cdSBSfSRtSlBERiX/T6LQBA8zseu4LHISAgII9pKtWM3ZH0URnNQ=
last-modified: Wed, 25 Jan 2023 17:05:45 GMT
server: cloudflare
etag: W/"6d74737f02d2fe1e657f09910ca14558"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1674666344441
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFJyngScXn00RqNfHxkdmCk6Krraywsa3GqD1RTYKYyvdjemlLYTn81o%2BAp1cdCAgL4IKWEvwOEsji%2BkqlTkzyGdIDaKFy0bAylICd2g%2BnyYMVVk2667KENkB%2FXleniUEMU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28ceea81f-SYD
x-amz-cf-id: ZP7lk9kH0RWDl2xlFlt_BFWHLhy4rIuZkQYUKD6tp9YWK8D8Yf8qYQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 735ms
245ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1679383522.dop235.la3.t,1679383522.cds232.la3.hn,1679383522.cds267.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 967ms
478ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:22 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-2bd8"
vary: Accept-Encoding
x-hw: 1679383522.dop235.la3.t,1679383522.cds232.la3.hn,1679383522.cds245.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4165

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 838ms
198ms Script
text/javascript 42.99.140.211
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.99.140.211 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

ip-42-99-140-211.pacnet.net

Software

Play /

Resource Hash

b820ca27127163e2d3feba895bc2722878e51c676c44b9d52f89dacdf24a01f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
content-length: 163382
x-li-uuid: AAX3Y5CC41AGNlrmci9Epg==
server: Play
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
x-li-source-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
expires: Tue, 21 Mar 2023 07:58:01 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1679321773829/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 351ms
134ms Stylesheet
text/css 104.17.243.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1679321773829/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.243.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 61528
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 20 Mar 2023 14:16:15 GMT
server: cloudflare
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679321774855
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XfyNJt91fwuTjByepypCuQM1ePtw8WxGm3SmrOUmr86VsomKT96QRjp%2FA7F7hlF4DjyN%2B4105nwSbeEiF19pNfkeQxs846h8mP3Y80Msx4jLZY1%2B88Mago7%2F3vj7qu%2FMA8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475e3de8fa807-SYD
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 pwr.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/ 247 KB
43 KB 129ms
126ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

299c86a9f0a44c5d7958234cfb021c3c73746ade2289d327778c7b08754947af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4fnJyamHff1bLxYTGeFe_VsApAr9fOjf
age: 949
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: 9VZZKYCKPYS9D6M4
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mTUTEtQfzXV5GRH1FTlFvgIKm8yXuG1Tgmv6YrGxqVK3vYtPDyn/2zXQkggPwJrK+5CQCmnTpIo=
last-modified: Tue, 14 Mar 2023 12:15:46 GMT
server: cloudflare
etag: W/"5847384eb2dd1ff5deb11f97ec259944"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1678796145392
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FKWn554dbGbUgrExMhrkOWXD9pEIDKcIuo9%2FUvtwvzBNrE01dQUh3aqcviF9uw3Zo30v1JREFxV%2F4K7PD0efD28xAUB6D3HBxUKYZJVUuS9ygW%2BZxwtUB3txd6QwGkJBV8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28cefa81f-SYD
x-amz-cf-id: vxMUQ8bFO332AYMJ6Hqba3bSbwAQZZvidZatUbDYfmOQZEYDGL0yOg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 custom-styles.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1670338665550/HL_Theme_2021/Coded_Files/ 5 KB
2 KB 126ms
123ms Stylesheet
text/css 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1670338665550/HL_Theme_2021/Coded_Files/custom-styles.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4067930b3bd986758e5cf0716f632eed56d9628eba4fc6d9002a00cc94110dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GM243f.mqEIfG51QqeMKEnVH3FJ6_p3Q
age: 949
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: V0N649HMEDWSS0Y1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kcqMH9D+8gJ1xWypZw4Oa9wXl0O/WxLL/8xoeuNHQ1CwUZhhQ7L/rZuxQFIZghxTx8gk3Lbb1SU=
last-modified: Tue, 06 Dec 2022 14:57:47 GMT
server: cloudflare
etag: W/"0e9f619bafa9c065ccaf1ff3119f0632"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1670338666433
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfJRiW0VZ8OYMEyZcl3fTuwiOttjgSwRDwSXX4tWq2ze6VkVT95wWlaovmjZ3XIybwYF6UX%2B2ky0BA8MNN7yzFgYidDufSKs1qPkQyGrwEIVQdckQjuJu1tXzZHQs%2FmAtDA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475e28cf1a81f-SYD
x-amz-cf-id: GJVcRj-c80lCprEjrfL9nlg3q5MclB-pho29NZHFQE2RJYYhAGhx0w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 Asset%209@2x.svg
www.huntress.com/hubfs/ 9 KB
8 KB 127ms
126ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%209@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b860656603a5037d589fbc590dae90f79f93a93fa0c0b9511e3aa8df3e1a5ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83752863832,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: R0XMNP3VB35QK05X
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83752863832,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"ec2e8f640c47f66c6d508679561605ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662099980418
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 418e97b4cd79980675a1440e7e560260.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 5WkADezxqa2S290OS.L8DvV4kL0N54Ge
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83752863832,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: OFWubfjv7plXyaSKW65rXPwaTjm68lQY5GhOV2Yo0FgUa+GhIhZZ+N9PfDAJFM8VIXMF29Bzod4=
last-modified: Fri, 02 Sep 2022 06:26:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRdWWG9tvibDrDHplBfamLrqKlauiFw8TffeYc17oRk2kcIy91eEmNZvItFOEFuo7S4Kb4wtx9y4Hc7R9yMXFpOLlvs6wO%2FkhsTxHs5B6SAXLO6BnOzrZ4IQ6KCz%2FCdUvMM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f1782955b7-SYD
x-amz-cf-id: AVSHRrw53X2xGvyYL6vigBGWXfgJq9qameKI1gfiMZvebN9QLcFAmw==

GET
H3 200 Asset%2010@2x.svg
www.huntress.com/hubfs/ 10 KB
8 KB 116ms
116ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2010@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

954f86735dfd8abf4d923b985e719ab1ae438a2fb15a22346b141879538f4a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83847772490,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: VCCFMH81F9NG22EQ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83847772490,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"f7b384afa435308d55a50acb3b4dc9a1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662182958118
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 37d6a7866914f4479b2ebf8191aa9a4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: YFYdY6E2e5vfVkim17ED3MGPRYOjZc2d
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83847772490,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wyJDA0TtXu7Yrta5OIWDnxk3BtQhs7/6gGH1oQPN+vEA+O/hWhJ/PNKu3g/ryzDy7HjR83Qhtmg=
last-modified: Sat, 03 Sep 2022 05:29:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KctULfxCnTXYtmoyk0bi%2FHCF5eT%2BnCfgPU6uimpFrEDG8oXrMUmEjULnVpmzuywuBcCCwGczqAmmctzOHvPVYHqBjHr5%2FSpWOLMHrdJszZOd0rkN%2B6aJ6bYgzD2zfYxfCu8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f228d755b7-SYD
x-amz-cf-id: 6mCASuLQomoHEn8FkkEDN0s2jRUM-VH4_Sba3FNLQBKsafQWCoeh0w==

GET
H3 200 Asset%2014@2x.svg
www.huntress.com/hubfs/ 7 KB
7 KB 118ms
118ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2014@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeab6099229124c0acf1a7cbccf49c55808ca5de5ba8468e03d98bcfcdab3ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83846667130,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: Y1CMTMWK068SRJJ6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83846667130,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"50545bf8ea725c9686064c10f850c0aa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662183246506
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 cf0406bc67043378998de4d2ebe1b638.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: hNiqXEMKtM._2D4mEPj9Zrl4aEAcxNQs
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83846667130,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iuSXK5QhYxvgr6YJQLeyawZGiTBLxuzvVnHs3giuu80DtpWGNJAFunGEUL0GjM/Tev1xK/XYb/U=
last-modified: Sat, 03 Sep 2022 05:34:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJqQW0jYXHhLYf6HyWWJVqh08b6DuHOE5%2BOGeJwNGIgyT%2ByjQ0Z5fY32UuXoTjMXeOOwzB3r7SlyjqHyV%2BLrxrNPMKfPMGiiPFvqAmjeK9PPEffJtb5C0M0F2CY2UM2hBNU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f248f255b7-SYD
x-amz-cf-id: oAkzVi_bCem_gAA8T-xMIh-5egR_oh15yTakPBtl9npTVEes-r3Jig==

GET
H3 200 Asset%2011@2x.svg
www.huntress.com/hubfs/ 3 KB
4 KB 119ms
118ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2011@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c420318d37ced90a8a681fe353fe027fd60e83a16ff965950cac3ccb22b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83847468397,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: NAX518J9W2942R75
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83847468397,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"677d200d167e600e2026cdb12a5ed996"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662183042931
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 418e97b4cd79980675a1440e7e560260.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: xjQD8JwE7xmMFjX84sLQs_NDETJwQbqX
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83847468397,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: W/hIXDP1NC8R7dAgmNzqTowtWhsKbaYvQsb00Eb8OpyDOuA09gHX8cvbSlqo3ihSJDBPqQc13Zw=
last-modified: Sat, 03 Sep 2022 05:30:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5K%2F5IrCSjotYp%2FYFPwsZyDlEt%2FVykVY9urVIMW%2FD0kYzuwG1kVHMh6yw5rIEdnoYzrsd1M3SS5hysbwhBzmzLTwQiJRC9g%2F1YhClrqOOkerWeSygKHcbXGItfPWDxLwBkM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f2a93d55b7-SYD
x-amz-cf-id: UEKb49mkt79GurcvdXCyvCt9LsmrPSUifypHOe_Jko-D2Bu21-LEIA==

GET
H3 200 Asset%2013@2x.svg
www.huntress.com/hubfs/ 15 KB
12 KB 121ms
121ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2013@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6145ffccacbf92ec04526c41b5e912e6555a7102a0515c64d5ae5b6002c8e4cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83846874671,P-3911692,FLS-ALL
age: 555386
x-amz-request-id: 9FB6V6DEWZ1CN863
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83846874671,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"9ec961a19aeb3e2015c061aede542e18"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662183181118
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 80e637d12d05a8212382cb26f2ad9788.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: XFquvk99yq_WF897UvSyCDvvhrMfo7eM
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83846874671,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hfVZ2RFgSJPWO7e8D3u2wWhUxNA4pqyfBrUV5KWdM2mOUn/c+u0e4nT2ZUz0QASI7bysT4DdPxs=
last-modified: Sat, 03 Sep 2022 05:33:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jo9F549HNFn5jj65jZo4wyWzrVypSJySPVEXSD8vCZncTRGOTFjtcyyTNhtoAww36xuG9z2%2F%2FCFwil%2FKkO27fpziL%2F0Lr0XehojS%2FBBLnpFq2UgmM0IiyxM2WRZf0tb0%2Bgg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f2d96055b7-SYD
x-amz-cf-id: 4yZ7PHBGzpzdFUdw0g90XKePbLzzi4H2yhHSav693rw0MfP7hJ5LSg==

GET
H3 200 Asset%2012@2x.svg
www.huntress.com/hubfs/ 5 KB
5 KB 120ms
119ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2012@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad4b41123dd3a244cebc4b650de024f2650df1fba41d62ae4c9e4adcf4bc344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83854073700,P-3911692,FLS-ALL
age: 555386
x-amz-request-id: MFCZVTTP8RVS8JH4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83854073700,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"840ad20b2e3fd35f9898eeb352b54514"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662183114206
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 418e97b4cd79980675a1440e7e560260.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 0u3oVjPLGkqbx06S3I_LGFVUVlpBJeGx
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83854073700,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JhNd/YPRBwhGkOIr5tNPgKtjpGu6OL8RIxKzesPllmaQPGsfLIov8CO/1hUHRTaFusjAWu5spMo=
last-modified: Sat, 03 Sep 2022 05:31:55 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgIwZrXTvDP26dDOCix0XJ5VoAmcqE6k2%2FuMF1LbbfBjCofan5Qd%2Fvv9BpcEsLcSs0eCVnAM2jmxX%2BWIfML5CC1qzGShlGajCgC5bsww47p%2F5GMlKxxTRM8esanxlr9qzOk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f2f96f55b7-SYD
x-amz-cf-id: cXDXnNY9Q5s9DxSJDpvv7m-duuvJyJFGJWZyJKgsgl6XNEXlJRwcZA==

GET
H3 200 Asset%2015@2x.svg
www.huntress.com/hubfs/ 7 KB
7 KB 118ms
118ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2015@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee1caa737e585d6cf4a91ab01b27aff627c2056544d7c9e4f704f1a9176a023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83854984338,P-3911692,FLS-ALL
age: 555386
x-amz-request-id: T4K3HEN0B2NN0KF2
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83854984338,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"46ba1d0e22afcd81d0f559509d4040e0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662183311931
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 39e44e46353104df87ef42f4a05553fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ykcf.YtMKnpKRVLLWHK_h271kY_vwQ8j
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83854984338,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +pXmd42n9TTP7PGakAdg2U49zXVnsL5BvlPihtw47dYAMAlR4jqA4mYvNwcUgiBmoQ3pK8WasjWfndiRYaYp5A==
last-modified: Sat, 03 Sep 2022 05:35:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0M%2Bx3asGuNkUxwyoFNOIZ7PrqjGyW0SVdoxXsuoKt1TO9o61O0AMe9cb3fW5N4cs4cRcmbbNXae%2FECkqTeJVwAstE7YkRTdWTaVxnU1J2x3Fdflyh%2FiUrS36KK6%2FkFt8Ro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f3097555b7-SYD
x-amz-cf-id: 9z0N2Uek6hmWkgOuXh-ylTMolkgq65bIEBYYc1uBrdtZ3QJGNNIOBQ==

GET
H3 200 Asset%2016@2x.svg
www.huntress.com/hubfs/ 12 KB
10 KB 114ms
114ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Asset%2016@2x.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

295fe623d1742c976f775c008be5bcb815be503e1cd7811aafdc08cd12682c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83854167428,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: VCCE233B2SGR91TF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83854167428,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"44914406e9714339fed07ac3ccde38fe"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662184506038
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 39e44e46353104df87ef42f4a05553fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: wbLDdPcRl.zixcmn1ViEkxLS23kLuxQF
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83854167428,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ji3Xov42flwNq+aWfctNpIcCUIxp5JCjpg3+eN2mbEquZNohkAmC6qHeqD342lEjNxWnXwWrnZs=
last-modified: Sat, 03 Sep 2022 05:55:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9uRBGN3OTkzhTbgsXWjXHmsHY1Pg4mvQdXKqVu7NjH9avcN83mH0evVY3RvYPNGoAN1prNapSyAAZpl671OHijANn9k72syzfxHLFSl4eb9QpRbEsR40SwpFksb6HsgZBw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f3499855b7-SYD
x-amz-cf-id: x7PxS66wNmp4R4REEvLhb2UbEbdv4sKP2hoiuuyv6yNUtYwp01IHZQ==

GET
H3 200 Group%20139.png
www.huntress.com/hubfs/ 5 KB
6 KB 119ms
119ms Image
image/webp 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Group%20139.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24bf1462917f99639fe1db5284b292d9f2dfb6ab5629d2426b5243a4db6b5b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-83753956493,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: VN10BTA4HJWA8A2G
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83753956493,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Group%20139.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "a44c8a54e3a9fd6dad771171d08e3544"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662102247523
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 418e97b4cd79980675a1440e7e560260.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WxJSvRoqOyadQDLBNMvKTsJ2SHDjIooW
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=6890
x-cache: RefreshHit from cloudfront
cache-tag: F-83753956493,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5250
x-amz-id-2: 2aWbnbrQ4ANOTsS/oFVH5m+Z7cy3HEKNWOS9MlxqNNTuM0G0CPDE+Ab3RGN29S2MdzgKJY4L4Ql/O5ugWUkS3Z6/Vrdkp59mCizytUQ3L8Q=
last-modified: Fri, 02 Sep 2022 07:04:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8Vw2A3ZICAKlRY3rsJeEjV2miPO0o1VGhJxxrsvSl%2ByTeaA0VEM8MdoEpreZtfpurLd4Z1oisY5Q6bIw7Ud0gGS%2BNiF%2BzfzwgEbl2EedoRbS0mKlpCZZEgGm7uu6UnT0Ac%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ab475f369b155b7-SYD
x-amz-cf-id: 6XLJHmPe4Zi0Xowtdd-SSPvWBHCuLjoXUWVSZ35PAKcNThwz1IwSXw==

GET
H2 200 40e39240-8f28-4247-989e-af913fc5ff6d.png
no-cache.hubspot.com/cta/default/3911692/ 1 KB
2 KB 609ms
399ms Image
image/png 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/3911692/40e39240-8f28-4247-989e-af913fc5ff6d.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bdf8f9ec125444bedd4c013d5b956636ea5b8407e0b60c991a361f65beab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: KQ1BK1A15DFMDC71
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1039
x-amz-id-2: 7DjDBLOS+x/Dlo31HCyJJPIoc5Xf+GJrTMMRHkpz0DNUOfiNHNqWV/leyBA700fPKAeZ6l+Rc6c=
last-modified: Wed, 21 Jul 2021 14:21:28 GMT
server: cloudflare
etag: "79b5475fbb2abb884386550a797d2e28"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrfxO%2F%2FXpnTWcjNO3BYALv%2Fn7Ep%2B4pTgQ4Oa8y5%2FBTR%2F3ISi69PU6oCMMWJiS5rLG3tP5m0BR4jPCZud4Vei8bNYnMZqS7J4Vgp3XUsc2Yv61NmvoOIQ8Emqx2zbeCp9A0R%2FFWYc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 7ab475ed7809a831-SYD

GET
H3 200 current.js Show response
www.huntress.com/hs/cta/cta/ 16 KB
7 KB 132ms
132ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/cta/cta/current.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c325a3a446a33b8dfb329feec9df9c003de983a5c64bc3d27696c646e8d963c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 10a35db7a5db275f537a340dc439408c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: O_dI.J5OwqlyrSQnZwBt_38jV6NFMeLX
age: 528
x-amz-cf-pop: IAD55-P4
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.140/bundles/current.js&cfRay=7ab468ff5252553f-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Feb 2023 05:00:29 UTC
server: cloudflare
etag: W/"2a447451325b0ef178f8f05aa802c484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWufqj5L5W5Cld%2BBEAWgqdG3oFr32xPKizTpVuXwGSvzYL%2FE4VCmnWOhuVBsExmzoVVTES3JBigThUlmrtuWOTGhpowBslQhFaITQVph31%2FqNLQD1qp76h7T4pucncBcD0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7ab475e8bac655b7-SYD
x-amz-cf-id: mmExSafwKogwTO5rgvDH_om6kawAIFu-XgvhXEovas9t0KGgp06ymQ==
x-hs-target-asset: cta-embed-js/static-1.140/bundles/current.js

GET
H3 200 Huntress-1-1.svg
www.huntress.com/hubfs/ 17 KB
14 KB 725ms
721ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Huntress-1-1.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-83639587659,P-3911692,FLS-ALL
age: 555386
x-amz-request-id: E7TCB3DH6NTC2WRY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662015849971
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 28d9734ff3f988ae9afd788fe4df27c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CV3yu1lUsNjBX07SDUAQdESVyZxYlca4
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4FfL87qPS+WyBjEDbnxP/Vt7Db4eulnzCYq/Xt8uJMtwd9x/XJBkGP1n0am40kFqlnDvbITFBpk=
last-modified: Thu, 01 Sep 2022 07:04:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QglS%2BjnUGm1S81RxQleSEpE%2F0ZdZjtUVVjT1MIqU9x0AeTR3Mpm2cUwiOlo2r1AGt7nt1ewGZryLc%2BP72smaxSwwvKoa5z%2BRXsyiCupNFNDHXnLev7qhRQvUX9t6XoCU47g%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475ec2cc855b7-SYD
x-amz-cf-id: _2VuD1wZb9pDWUEcXlcTXZsPzHW9b8YqDnQZA9XeEMzVBf0iNPASVw==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 1677ms
319ms Script
application/javascript 23.52.112.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.112.115 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-112-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Tue, 21 Mar 2023 07:25:24 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116398

GET
H2 200 magnific-popup.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 7 KB
2 KB 309ms
105ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6444276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1497
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-1b27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl26L1K2JZZ2RVW2YtF6um%2FVGsR1mi6C0%2FxeM%2FcDhm5eObur%2FN4vPaMgpw0QcjoPx4%2FX91OdXQMcoK3m%2FEisu4wf%2FaqwXq083n%2B8VAC%2BWe7Vc4iRTaGd%2FtflhKz%2BTwDuPDSHvVpV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab475ecebbdaade-SYD
expires: Sun, 10 Mar 2024 07:25:23 GMT

GET
H3 200 Huntress-1.svg
www.huntress.com/hubfs/ 17 KB
14 KB 120ms
120ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Huntress-1.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-39773583794,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: T4KC2XGTAEDFE87A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-39773583794,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1609832613811
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 8ecce36e4f9c7d96fcc3b7140122ffce.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: jsS8.Qyl076AnWtAah4sMmKUd0P8VNuI
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-39773583794,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UXWPHVpHm3XvCuwsoTsN6ELIBWoHNJUE++4WRSV5kv38oaf/7xySAdOtCYYGK6HWQJ25VdDF7DY=
last-modified: Tue, 05 Jan 2021 07:43:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3ESgHXuByq%2FWmiTcu15lp3Mj0x6c3vsI7XJDSRw9xPe36ZZCPtnt4BUt0NjiJf4Z5uBhjrEgRd4siffoLfoGMLe%2Filswjy1Qb9dZsmo12CBNaeF4QwihMu24NXeuwNdS4U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f3a9d955b7-SYD
x-amz-cf-id: Ep_9wWQv8N2P8boJmOVwC7b_iO5Q8TO6rrqJo8ymQIDUHBe00Se1eA==

GET
H3 200 Biz-1.svg
www.huntress.com/hubfs/ 2 KB
2 KB 122ms
121ms Image
image/svg+xml 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Biz-1.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8635796c350308ea6419713250a1cae02120881c6cc990f3b0562821201e7266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-55369190472,P-3911692,FLS-ALL
age: 555387
x-amz-request-id: BJKAQTSD5RBQN0M3
x-amz-server-side-encryption: AES256
edge-cache-tag: F-55369190472,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: W/"10aa3cb3029e1f043563140e89d76c8d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1631771480774
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 cf0406bc67043378998de4d2ebe1b638.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: pb30Lhh_yVZl.AlHg0LSscg9tyoyIBsR
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-55369190472,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ODL3YpwQROd2qJlDYG5qBlOuJfV9nEDDPxgSLsONaBUtSeiA3MO7TcvVxwalYHbixmVBdZxerp/6z0XecZs6Ig==
last-modified: Thu, 16 Sep 2021 05:51:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BdP8J4ZlrFcKDXfeM5Xfi2Ao6lKs8ZX%2BHT1xp0yg36atJWLDjkojExjnQeQgUYwt5XvGisJFfm7LBKcr%2BQKaICTdx9Zu5V707nM628pPOFrEnKEfHEYWAi4n6WAkTNmmjI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7ab475f3b9e155b7-SYD
x-amz-cf-id: 74keYoQHMnwL4m95f5BE-ooWT6cnFreiRqAJPGbHmU8UhE7JnHEtiA==

GET
H3 200 pwr.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1675459147413/HL_Theme_2021/Coded_Files/ 153 KB
39 KB 520ms
519ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1675459147413/HL_Theme_2021/Coded_Files/pwr.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9f94bac395a68b247d7b18c56682d5e3105df9fb210f428f379fa8b16496a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: l2MwqVH1MaNBn_HhGb88vmqd21UH5P3K
x-amz-cf-pop: IAD89-P1
x-amz-request-id: V86XBK435PP3ZA0E
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 32972b8+f5cfv/d1aJmT5xnOKYXR5WwdVMajJDClH/9r4YUH4MlqBi8rDiOs805HB9DT9TPh6Qs=
last-modified: Fri, 03 Feb 2023 21:19:09 GMT
server: cloudflare
etag: W/"305b0a8685ac0870712983a0934c9e1b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1675459148904
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUtNsXEnJLg4PHXGoMXCfwt97MbrdxLF27mxW7GYlwA1cubc3UGy8%2BD9w0ClAyjffqwClwBasrlNN%2Fv%2B8fIVAuljJ33oZUrZpG72NzCrbfyOLQWq9uYIMfILPbOuNQ8ufCs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475ebdc8255b7-SYD
x-amz-cf-id: 1EpYkV7fFpI4aRwkeQzqmImrabgPhZBFSGl1gu6muQTak4swruSMmQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 project.js Show response
www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 126ms
118ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age: 30205395
x-amz-cf-pop: SYD1-C1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfGTbXbgjtiE%2FxMRduUHGckE5evsyBRFgOvN%2BzCZAf%2B4D17RMQRP8mGI3Yrm4l%2BbaA1XqpqQPBw%2F2eA5D1CKrHjD6cbTaHDz09fxgvz%2F83w83N4KHWruirJsaPNYEIsLzqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab475ebec8755b7-SYD
x-amz-cf-id: vCwkc4lGXB9sF9cTxJRqMPMSBBraoa2vQa4spJ9hBCdC_J-Xiucz5g==
expires: Wed, 20 Mar 2024 07:25:23 GMT

GET
H3 200 module_37648262592_POWER_Blog_Post.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888038/ 933 B
2 KB 1182ms
1175ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1674668888038/module_37648262592_POWER_Blog_Post.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79bb1b80606f5282fa20cea179f7c7f619eb1848b1d550a9e13857477cd1c38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BBcSXZF4Twfvqpetce9Qqr3pynKHdU7C
x-amz-cf-pop: IAD89-P1
x-amz-request-id: D9CKAQZ9GVSG414J
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: OyAPYjkUYsEUgsvsWaO9A2ZO3mlg8hsmWWbAT9Ke3VHp7SQp31GYFFwYc0ey7ygLAKpU78UcQvU=
last-modified: Wed, 25 Jan 2023 17:48:09 GMT
server: cloudflare
etag: W/"005ba15488b184ae927f2bb08fa5a345"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1674668888038
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FycCsUpKkplDMY%2Fsdvz3cdAPDa1wVcmplY1N7JlNIjLttvcgM6T8Zq2HldfUkDdNPJw%2BFe4qGk9ZS9KWI4Br1FlJ%2BgxwdwI3723aeUzwrs%2FMIQMORzzGPe9EFYcOvCGbNpM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475ebec8855b7-SYD
x-amz-cf-id: Z5Xa4qb_J5bp8RCIbSMD0MpF_kAH7Ty7suh55v8h9PpJkQOVuyiuMA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 273ms
106ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2307017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6546
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btU1LzrO2FlRFKJCrXVcceNxrNaEP5cRJ8KJWukl65UE2jIqyf79PEsoe2UgALDUUiIUl%2BGNubZekEhtjO2aqAnNLee19vPtE3ob4ajfOErcrElIN062W3nU2UR2PUVyM6sT3MoV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab475ecebbeaade-SYD
expires: Sun, 10 Mar 2024 07:25:23 GMT

GET
H3 200 sticky.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/ 3 KB
3 KB 568ms
561ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/sticky.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: oIU6rHYsVQSZOhrGoqvW7sFAXkwuMMSC
x-amz-cf-pop: IAD89-P1
x-amz-request-id: 8KNPJ3ENXMKYT4R4
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Z5MNfVmOLZe7YtHotnCH2JF32pIqtdj3a6mKC9nK2d6np9GX0NAS+ycMYUjNpZTGwYvnG0qZwi8=
last-modified: Mon, 07 Mar 2022 07:07:33 GMT
server: cloudflare
etag: W/"55ae62a2138b0ac2dad2cd6f3fc3decb"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1646636852583
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mhlj0LqvArog4jRqNyPTwAKrhlf99L3gQh1kS7T3wnJuEZLhf6KNP4eUDhm6xTQoe2tCdzzLcoFHb2vMnbpslnfKWFcgRX5B21ePwdzCot6L0N8Tj3a5T8yMpMxV9EZq40%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475ebec8955b7-SYD
x-amz-cf-id: iLP3UxP0AUTJmC9QNs7WJF4H1EIHfBzzIS9lH6seEDyU6a6hJgoWvA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 module_72308060713_Blog_Related_post.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/ 365 B
1 KB 1130ms
1123ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/module_72308060713_Blog_Related_post.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 76cd2de9f0213e8c76093c6b346e8118.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: SBG.fyduSO9gOy.FmtNERc3Ncw_1ixXc
x-amz-cf-pop: IAD89-P1
x-amz-request-id: 0FXSXAGYWCD7PTWV
x-amz-server-side-encryption: AES256
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dVZTTVr2c9riO4H4tm43gtypTbkbmJS6taZr7LchjmYGqK+l9j03kTXmSiVpgpdveoygwctZ+38=
last-modified: Mon, 21 Nov 2022 15:19:04 GMT
server: cloudflare
etag: W/"136cb371b82e4f0a84d11b654e92bb11"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669043943002
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onc1bR7cVPdYv3dd%2BkM2n6V8NgX1epzRYkmGzzNMERY3mDbUiAAALSWpd2BZYmqTNG6U27gP3hzJHpJxleWqnTrPjcTzKpdebV6aW2KmdOmLN2KhmJQ0A4Ren83j9W9CDGM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 7ab475ebec8b55b7-SYD
x-amz-cf-id: eG6QJHdFApMyeKlnrpnvi5ToR6PJhpxXagCMMvClP44NJKTK1VqApg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H3 200 v2.js Show response
www.huntress.com/_hcms/forms/ 509 KB
160 KB 125ms
124ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/forms/v2.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2wXcdIzl9WRVTrxeR26mvDAXbt4ZcTF6
age: 191
x-amz-cf-pop: IAD55-P4
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2802/bundles/project-v2.js&cfRay=7ab471431712fb8c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 08 Mar 2023 01:33:37 UTC
server: cloudflare
etag: W/"ae0386c025bb39c5f937fe3f182d3e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQ6da8KBcpYjbWcdYSqP%2Fh3h4%2FTZLqZvxQHMrQGwXhrdr2tAovd7Kf8teCNKEVP1Vgs%2FeJvA0hfZjlioyQZMtzjv5HjNnz9K7decc4TebILR8cjzk1WXvxY7%2BQn8W38WX%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ab475f0bfb755b7-SYD
x-amz-cf-id: ka-9n6GrgTprW13x1gCQLLMtlUJCV8hAt7l9hTl6tsJyHvdCS74rgQ==
x-hs-target-asset: forms-embed/static-1.2802/bundles/project-v2.js

GET
H3 200 3911692.js Show response
www.huntress.com/hs/scriptloader/ 2 KB
1 KB 391ms
390ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0865e79e9901da86a71e114a56e384080426784c5d18c9909e34a7470bee003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 41e4ab64-2b23-4ca5-9021-2953d134c4e6
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Mar 2023 07:21:53 GMT
server: cloudflare
x-trace: 2B094E5F226D42561EF21CE1AE73DBA28FD5207026000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.huntress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Fjk0RgSz03y9YfHn7%2FZVrfeyrEIQAb5DR%2F0J2wQMkAJssD938LuT%2BuIl146i%2BjLcYt9yXvNMT2rB5VQRl6xuiz63q%2BCX7KdwSp3tA3VTN6PdOSKd%2BsM4hERD0%2Fvf1OYvNk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7ab475f3c9ed55b7-SYD
expires: Tue, 21 Mar 2023 07:26:24 GMT

GET
H3 200 index.js Show response
www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/ 11 KB
5 KB 117ms
117ms Script
application/javascript 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 3262f7038fb2f60f7b35c40afe2b7d60.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: zqfoHVEO7SsMjSP1JrsnDQf9ix87l6qJ
age: 3425942
x-amz-cf-pop: AKL50-C2
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Feb 2023 15:43:08 GMT
server: cloudflare
etag: W/"d57b3d84e0be8dd0aef0781d100c0d14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99X95OE22b21fHq19vfCJGLbQ4GsCvMNrvQ9oDF6trZa6m9rxZvilUSkiiUr5FlT1r4uPSx0FsAszd%2BlkIhnuPSgy44it%2F7QftiPDXRdTZWqEffx7bsr9ZCkFi7kwBCqm1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab475f3fa0f55b7-SYD
x-amz-cf-id: N0g1R3C-ks7gs9s1ZwqVx3nD3A1fe3350mY_LRStbaXBPqG6WqxDFA==
expires: Wed, 20 Mar 2024 07:25:24 GMT

GET
H2 200 polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/ 69 KB
16 KB 106ms
105ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/polyfill.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8510265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15998
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-11405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZAoljkSrXHa25QZDP71hjzrqwAvDuZvIaFngzT%2Bw28jf%2BFLA7pTg4%2ByrCAbovEMJaotu1cWpYcqWe6h%2BLUG%2FtZqSCUo8wq0SYpsReeYjXoHG%2FKdZqD5Ydr1yBOTKrhnWr2ixgdh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab475f0bfaaaade-SYD
expires: Sun, 10 Mar 2024 07:25:23 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
2 KB 314ms
108ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30730
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230052-FRA, cache-yyz4556-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaLQtKRhBSu0ZbUKEbwOibh6b39IAlUtdecXdj%2FNmk3vpYYnWQqkX3oyfmQKgQcMDWT5bHCkTbCQXHpz%2B7FfN5QlUex2bpvB0pyexrwAQs1Wwk7QIvspo2MO1Husrx8rrAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ab475f1f987a949-SYD

GET
H2 200 sp.js Show response
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.15.0/ 111 KB
33 KB 112ms
110ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.15.0/sp.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 153172
x-jsd-version: 2.15.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230073-FRA, cache-yyz4538-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1bcc9-Fvi1pHLpkqezVQp0uCr6MtFyy4s"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGgHFxoFKzaGP93omhGLmmCwVJ4cnZfb5AY6W1SW9swYQhMImizLjik79MMvaCeu3lsONiBtiAHdycU6PcvwP1musVMu78uRiWql2BAo0IVGQljBGy2BltLMViUXNfNa6s4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ab475f43b87a949-SYD

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 310ms
105ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=620982&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&f=1&r=0.39038483574151894
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsyd1 /
Resource Hash: 63d7ec4bfc7f133b7de69b6cb5bcb05aaacf336196c01016d11a4112ac669c7b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
content-encoding: gzip
via: 1.1 google
server: gsyd1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 405ms
110ms Script
application/javascript 104.18.223.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.223.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:24 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: RNQ633NPPFFP52X5
age: 2091
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CXyr6+NiNws+RpNhS+SWyWrjVYdKzeWN6zUQSLs6eoJ4vJUEFC9tYFAP2guvLSUjqgqlEWWgSy4=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7ab475f64d06a7f9-SYD
expires: Tue, 21 Mar 2023 11:25:24 GMT

GET
H2 200 HKNova-Regular.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/ 32 KB
33 KB 586ms
375ms Font
application/font-woff2 172.64.154.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/HKNova-Regular.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
age: 764051
x-amz-request-id: 0P89QA648VSJWJW0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "5a3239585a66868a9109bab6273f0a26"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607406808501
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:23 GMT
via: 1.1 d3e9860c1306f02cb57e75ed57120ee4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: y1_7cBbebzu1P55qghtsCfIzqKHObY4N
x-amz-cf-pop: LAX3-C3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 32892
x-amz-id-2: Mgq9uQPs2VTdE8/DILKcZLFjUguVqpritfO5Q8MlR9D4XRW8SbCQWu57HZFOALHUTx22leKoEeegihcVF+6NMvtLHRRFOWr4PLmzanq8iPM=
last-modified: Tue, 08 Dec 2020 05:53:29 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ab475ed4af5a835-SYD
x-amz-cf-id: 4rsQQyz2pR42z_YJ0Wchz3xlOY_0nF5Fy5blCge7zBjisIfweYzg7w==

GET
H3 200 BlogHeader-ResponsetoIncidents-Veeam%20Backup%20&%20Replication%20CVE-2023-27532%20Response-1.png
www.huntress.com/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/ 409 KB
411 KB 124ms
123ms Image
image/webp 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/BlogHeader-ResponsetoIncidents-Veeam%20Backup%20&%20Replication%20CVE-2023-27532%20Response-1.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

29538a3d1fe20b9a25fb0b02ba37828fb457bba76c294a40a1c81638ce1b9886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-106824138336,FD-65276690465,P-3911692,FLS-ALL
age: 318694
x-amz-request-id: BSQPTNCVEAJEMP8J
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106824138336,FD-65276690465,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="BlogHeader-ResponsetoIncidents-Veeam%20Backup%20&%20Replication%20CVE-2023-27532%20Response-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "e7658dd54055ab7f0f063f578cd093e9"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679002501962
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 3a0be74dc327ae28e2ab5ad182eea85a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3ZHBHl1zNpG0iC2oQ6DQutSJCW06JOZT
x-amz-cf-pop: DUB2-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=646323
x-cache: Miss from cloudfront
cache-tag: F-106824138336,FD-65276690465,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 419178
x-amz-id-2: 0jVD0VQGuo8V7/6Hf55EaHtoojp5n1c1uhQ5O8ia+xW/Bb1lU9e3d3KLDaqY6N0NSw3+/CAOh2Q=
last-modified: Thu, 16 Mar 2023 21:35:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxS399J6eSq90B0raBX1BDPDOIGKRWaIpslhpR0bP8%2F841UyDlS8I6g2kJoAlwZ%2FqMzgj%2Bt9smrEhkGw%2BpYFXvDwlaLjFLzzn7xt7O9%2BzvIZ5yTWG%2Fr7CcRE%2FYfO1S9YXAs%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ab475ec2cc655b7-SYD
x-amz-cf-id: MJoF7lPptlJbBOQcgRTkcQPQPMtaeLr3m-MC7LeMpKEvxoOn1Sf2qg==

GET
H2 200 visuelt-black.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/ 28 KB
29 KB 537ms
352ms Font
application/font-woff2 172.64.154.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/visuelt-black.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
age: 727944
x-amz-request-id: B3YYGJN5N3CVMQV6
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "80407703322249fe13bbef5596e9e414"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607408610505
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:23 GMT
via: 1.1 a0952e77b9957cb83b937bcd1e067e24.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: zgv.hEhHVdSF2XuwUP4L0JY36hLML11L
x-amz-cf-pop: LAX3-C3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 28504
x-amz-id-2: UDQX+j0uhQZlC+l/OfN3TZpWYDRBSYcjarugPKWXsSIt7F+7kOI/L8wcAvfaMUmYnO8+tGcP9ZU=
last-modified: Tue, 08 Dec 2020 06:23:31 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ab475ed4af7a835-SYD
x-amz-cf-id: 1JSyHxhJGhKjl6NCToue-JFXszfBV52ktgxJYcLAt0fjh-d0mkoXng==

GET
H2 200 HKNova-Bold.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/ 33 KB
33 KB 657ms
473ms Font
application/font-woff2 172.64.154.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/HKNova-Bold.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1678796142999/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe056293886177b09ff745622e1ed914c80210571ba1c1f357e26f2a456cc10

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38491499045,FD-38491499040,P-3911692,FLS-ALL
age: 975818
x-amz-request-id: YXC5ARFSB9PTGXTS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38491499045,FD-38491499040,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
etag: "c70ef2ebf7b362a95b0a872d29d0ecda"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607406808193
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:23 GMT
via: 1.1 db5074d02aa0b9851d4e5d66a6fc3826.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: HksL4GZhEqXLWJawp7ng3VY8IqbEzeqn
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38491499045,FD-38491499040,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 33624
x-amz-id-2: cXt3unq9BahkY/2XpENEJXsPnbmpBKd0SFm7mswqUxXJmGT8kxw3iM1nuQtWNme+4JRWiSKRo12H52dZ6xBN4A==
last-modified: Tue, 08 Dec 2020 05:53:29 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7ab475ed4afaa835-SYD
x-amz-cf-id: 8Kp-b-L7jlKe6L_TvGWTUDHUwKxm40jK14JdqR3RIcqE2NiFqfkYzQ==

OPTIONS
H2 200 tp2
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ Frame 0
0 906ms
300ms Preflight
application/json 34.139.124.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.139.124.58 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.124.139.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.huntress.com
content-length: 0
content-type: application/json
date: Tue, 21 Mar 2023 07:25:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

POST
H2 200 tp2 Show response
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ 53 B
325 B 991ms
394ms XHR
application/json 34.139.124.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.15.0/sp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.139.124.58 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.124.139.34.bc.googleusercontent.com

Software

Resource Hash

4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.huntress.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 53

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 300ms
299ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=620982&d=huntress.com&u=DA3161FE3E6B16DD438AC492C0F20A4AB&h=40a4e68b8a7b89c90712ec7a944cae9c&t=true&r=0.7492937209531192

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 07:25:24 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
404 B 983ms
297ms XHR
application/json 54.225.3.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.225.3.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-3-167.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 726909b4daaaf18dd3a11f087b6e3727

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
749 B 595ms
387ms Image
image/gif 104.16.89.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-timeout&value=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 07:25:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: MISS
X-HubSpot-Correlation-Id: 09ebb401-9315-40b1-ba01-dd95ada14b7d
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Last-Modified: Tue, 21 Mar 2023 07:25:25 GMT
Server: cloudflare
X-Trace: 2B6283F9460576D17D79722F240967103BB6313186000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 7ab475faefcea93d-SYD

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 978ms
322ms Script
application/x-javascript 104.75.165.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.165.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-75-165-244.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 21 Mar 2023 07:25:26 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FE5F052E925B655E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19605
accept-ranges: bytes
content-length: 948
x-amz-id-2: vOqjBCL2ViTraeYe3pexJTMUR60z1YFqujYU/nA7H5TPqU0p5qHp5kqKqsTpVHAH6pomQmhzIH8=

GET
H2 200 Qh5BPsf_NMo Show response
www.youtube.com/embed/ Frame 0630 71 KB
29 KB 858ms
470ms Document
text/html 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Qh5BPsf_NMo

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

ESF /

Resource Hash

46bac3ec4bf7b11a30e127a3a67e533d834e29849b9c71ae0fbd3da5f782a189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 07:25:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zqnCa6MztZU Show response
www.youtube.com/embed/ Frame 8974 71 KB
30 KB 659ms
273ms Document
text/html 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/zqnCa6MztZU

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

ESF /

Resource Hash

c9162d4290d87dcbc846b47826cc97577d6ec6e910476989575f0cb135d2f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 07:25:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c21CsdO7iCE Show response
www.youtube.com/embed/ Frame 9AB9 71 KB
29 KB 1060ms
677ms Document
text/html 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c21CsdO7iCE

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

ESF /

Resource Hash

86a237382230f522dad7322282ae762d3e6a8afdb38ad64f4bc9647320e2364e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 07:25:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 WMFAwLX_O0o Show response
www.youtube.com/embed/ Frame CABD 72 KB
30 KB 965ms
584ms Document
text/html 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/WMFAwLX_O0o

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

ESF /

Resource Hash

9d24eb5dee55f30a11bc4873997bdb980b2fbae8d8d89b166dbc4cf1a45f89e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 07:25:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 image-png-Mar-17-2023-01-58-42-3120-AM.png
www.huntress.com/hubfs/ 78 KB
80 KB 122ms
122ms Image
image/webp 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/image-png-Mar-17-2023-01-58-42-3120-AM.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f88c3a17b2d1cd4ae2ed32f2a1efa3f60636ee55ef6255d95d1f17f4cd1f50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-106845459104,P-3911692,FLS-ALL
age: 318692
x-amz-request-id: CGGMNFJEA4JAC92C
x-amz-server-side-encryption: AES256
edge-cache-tag: F-106845459104,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="image-png-Mar-17-2023-01-58-42-3120-AM.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
cf-bgj: imgq:85,h2pri
etag: "7dde6d08349a43ca59ae3a4a7d91fbf2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679018322312
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
date: Tue, 21 Mar 2023 07:25:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 5e2b2bef8be6bee05fe23de3ed9e3a6e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: k3sVMKioqSz8GOlaOD.oAjGsWHrhSGSd
x-amz-cf-pop: DUB2-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=138294
x-cache: Miss from cloudfront
cache-tag: F-106845459104,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80302
x-amz-id-2: OXU206v/g+hoI+t6UiqmdVyawbNYk19UPG6oBGpugV6TvwUzu+RVzndBc/I6WUrh/uAEVQG1IFw=
last-modified: Fri, 17 Mar 2023 01:58:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx7QJhazYZVcrpCbGh6QCoIDHmnWxdtS6qG25D%2Bnh57dBUOZgKj98xAtar%2FtK%2BWPGsE%2FSulQt%2BRtsD%2Bx3dJoN2%2BiFyknb5GRsz6BGG%2FQFjuHgl3olf3268uaPBPVKH4eO%2FI%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7ab475fd2fc855b7-SYD
x-amz-cf-id: Q--XQKx2wC_2pLh7x41_RTwfQkAD4tdBPHsrsJIsjaSgxjBq8aipXw==

GET
H3 200 BlogHeader-ResponsetoIncidents-Veeam%20Backup%20&%20Replication%20CVE-2023-27532%20Response.png
www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/ 98 KB
99 KB 133ms
132ms Image
image/png 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/BlogHeader-ResponsetoIncidents-Veeam%20Backup%20&%20Replication%20CVE-2023-27532%20Response.png?width=600&name=BlogHeader-ResponsetoIncidents-Veeam%20Backup%20&%20Replication%20CVE-2023-27532%20Response.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

062000ed088a56d5d283950b0fee6ef862b13eabe1144b43092b5e980cb7d2c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:25 GMT
via: 1.1 d6a4f7a34966a5e0069bb151bf9adb7a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-106358677137,FD-65276690465,P-3911692,FLS-ALL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100099
cf-resized: internal=ok/m q=0 n=944+0 c=42+57 v=2023.3.3 l=100099
last-modified: Mon, 13 Mar 2023 20:12:15 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfRUJ2pCxRjSzoMi0P7M63MuxUjB129824Eq0-_AXqDQ:c1663af0e40d60bb4aaed4793c46b60c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfzwSagKC%2BSlpRb3dXFLPe26jmcf4r6X%2BHmOD0RmPjjxplsdQz3L%2B4fVMVyRJw7DeMkyuEqtiCno2Ug6shVZXoiOXTG%2Fc5J5cY%2F%2BhMpzB0a1x4dqqZRtbQ5z%2FOIXKaP8RQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7ab475fd2fc955b7-SYD

GET
H3 200 BlogHeader-ResponsetoIncidents-Threat-Advisory_-Qakbot-Activity-Is-Rising.jpg
www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/ 9 KB
10 KB 125ms
125ms Image
image/jpeg 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Blog%20and%20Social%20Headers%20%28From%202-1-22%29/BlogHeader-ResponsetoIncidents-Threat-Advisory_-Qakbot-Activity-Is-Rising.jpg?width=600&name=BlogHeader-ResponsetoIncidents-Threat-Advisory_-Qakbot-Activity-Is-Rising.jpg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2656abff35c90593bc6bc28c90c5960cb35d8b1c441a2fff51abf24a8c8520

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:25 GMT
via: 1.1 39e44e46353104df87ef42f4a05553fa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag: F-94526611211,FD-65276690465,P-3911692,FLS-ALL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9431
cf-resized: internal=ok/m q=0 n=436+0 c=11+39 v=2023.3.3 l=9431
last-modified: Wed, 07 Dec 2022 20:11:31 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfoRLbBHCYbB0XCa62RxjE-_ThjB129824Eq0-_AXqDQ:a304346e4b3fd26737af678380d013f1"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8COW39nv2ukmi6cMOHjTr%2FKWx5BmAo2l3cWrfTPysCwp5FWVFFdKuyVFgDRlaELkl%2FK8fru0XlhGQbFkc8HtOD8t7C29bKaLl2bXjV2T6Y5uFQD1RTPebvz%2FIjvICIfy%2FWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7ab475fd2fcc55b7-SYD

GET
H3 200 json Show response
www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/ 8 KB
3 KB 371ms
370ms XHR
application/json 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/json?hs_static_app=forms-embed&hs_static_app_version=1.2802&X-HubSpot-Static-App-Info=forms-embed-1.2802

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcbf1fab6443e45f4c46e7ca2f324c0b2a0e236ddd8a4e65e97b12c129b3094f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 21 Mar 2023 07:25:25 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 49c1343c-3a5a-4c9d-91bd-5de4dab2bac7
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B122398C3126634C394EC443CDF42B81D3DB66052000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1O3TBEJTeA8cNwfeOk3aBPr6DzlbYHJirKexuEhJHtC%2BZgNpXFVINdTnFlfZCtjPzj0jMo9eAhFRvOHj2m7NTohF33PIfjcJLg1dxjxlyChP9vB01a9m%2FrVI9%2F4ahCRjDUg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 7ab475fa7e5655b7-SYD
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 hotjar-2159185.js Show response
static.hotjar.com/c/ 9 KB
4 KB 1056ms
495ms Script
application/javascript 13.225.103.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2159185.js?sv=6

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.103.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-103-94.hkg60.r.cloudfront.net

Software

Resource Hash

2ae7aa2c0a0e19050d31636218639574b56fd5677c5cd4c0d3d587df6a9f0e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f38a78a2a0484ca72b698f4e2dc320f2.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG60-C1
etag: W/d1b407d6afbef7a5e1db20deeedb6a38
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: GF3hb4iF70f1HggqNRAyYE5qo6XBvcYR946UKvhTLShpe9CMX46qaA==

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 727ms
241ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

935ca3aeeb6f4e0cbc8160dd1d35ff0ffe94f719156c0330fd0e20f21d6965d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 07:25:26 GMT
content-md5: 8IxIFZ/qVDsbhL41fiCaUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: lzn1pP75pcgr4C56iSIKZfJIoQrcFlLFwVh9Y0uhitlix5Ffc6uGJ5a06KFUCAVD0amR8Pa+CE0jEJpnohFyBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
x-fb-content-md5: 8c34d27e2905baa2b228902ff0beb877
cross-origin-opener-policy: same-origin-allow-popups
etag: "b1bc91956f8764ca36c8a9e526b23c92"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 21 Mar 2023 07:39:45 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 418ms
99ms Script
application/javascript 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E791) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 07:25:26 GMT
Content-Encoding: gzip
Age: 1034
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (nwa/E791)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 327ms
106ms Script
application/javascript 104.17.115.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.115.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccaabd1f9aa371b58a46ba623deadf51680ab27109b399559724856bf925ec9d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
x-amz-version-id: U0cNE4RbBA1fh8BSp1QKep.V2dqyarjX
via: 1.1 9bfafde51fc331b971140cbd2b98172e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P3
age: 61
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.338/bundles/pixels-release.js&cfRay=7ab47480ca3bdfaf-SYD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Mar 2023 06:22:14 UTC
server: cloudflare
etag: W/"afe2d57e0b6425d8d30346e51ffa1dfe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7ab47600786da949-SYD
x-amz-cf-id: 0YpC78Nf5zQYbILHnNzrj1O6KfDyitLNc6tFw3KK0S_tkU0d-rPTiQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.338/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 592ms
380ms Script
application/javascript 104.17.130.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.130.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
x-amz-version-id: UTgFLxzqgfPWpvgFow3DNbYx_N7FOQZ9
via: 1.1 90ac509e6263ee9fa7bb3f1ed1f46118.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.331/bundles/project.js&cfRay=7ab476014cca5581-ATL
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 01:24:29 UTC
server: cloudflare
etag: W/"9656224f3534bbb83c23ef97671f6be1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ab476014cca5581-SYD
x-amz-cf-id: thyuJD0lkKJYgIhdku5fUHGX_ewXVuFnZz3de4npLQKK5kuaRtLEYg==
x-hs-target-asset: collected-forms-embed-js/static-1.331/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 545 KB
87 KB 325ms
114ms Script
application/javascript 104.17.233.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.233.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
x-amz-version-id: waE9SUXeTvXi6sWFWRT4B49N3dJ8yImu
via: 1.1 7bac70c3c5deda2f56c0a3aff53deab0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P3
age: 84453
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js&cfRay=7aac68296d40a7ed-ATL
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 09:43:53 UTC
server: cloudflare
etag: W/"15b55a577dac25b07b6c519f5d1a3aec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7ab476025a98a80b-SYD
x-amz-cf-id: 2bbZXAnw8m3TxCPhqi6L_t0VTKBwxUOUo7KPW0wH_0y9VStS9wI3Ww==
x-hs-target-asset: lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js

GET
H2 200 3911692.js Show response
js.hs-analytics.net/analytics/1679383500000/ 65 KB
20 KB 572ms
365ms Script
text/javascript 104.17.69.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1679383500000/3911692.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.69.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac55986f43a7a12101835ace8d62b72e6207aa9a0c71af1b07fb014e88c8c45f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1RD87K85APX22FTX
x-amz-server-side-encryption: AES256
x-amz-id-2: dvMny7Hs1bcmeGrfhkeQvJ3vg+mXIdvCuTmC13XvN0On0fDMt38O7X2dwCcmkWWaYQFkj55QsTg=
last-modified: Thu, 02 Mar 2023 23:04:57 GMT
server: cloudflare
etag: W/"6000f1fd7a79cc6ef6172420fc3641bf"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7ab476025d4ba868-SYD
expires: Tue, 21 Mar 2023 07:30:26 GMT

GET
H2 200 3911692.js Show response
js.hs-banner.com/ 60 KB
16 KB 580ms
369ms Script
text/javascript 104.18.33.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3911692.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db247da989b444145ac8089c0e67518ec866692e3a063d55fbd677e7b93247ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-amz-version-id: GasN4YO2MODTYKn1ZtY1Nq3iAObcATUn
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 79QYTS3C2QE2SB2H
x-amz-server-side-encryption: AES256
x-amz-id-2: Rteq8lf5bh8ehE74DyKb8cqRO4bLFUhRnYQPorrDnRJ+kTwGQeC75773WRv7hiAPuYfUA4ZUNGk=
last-modified: Wed, 01 Feb 2023 14:51:13 GMT
server: cloudflare
etag: W/"53dee976c8f9c15af4a730f04a4166ff"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ab476025baea838-SYD
expires: Tue, 21 Mar 2023 07:30:26 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
403 B 427ms
298ms XHR
application/json 54.225.3.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.225.3.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-3-167.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: bdacedbb603a3f83db6d04eace8c8a6f

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
364 B 374ms
367ms Script
text/plain 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3911692&callback=jsonpHandler

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 208b8bf4-3f66-451d-986b-20289724a7ac
x-trace: 2B2C359F3F5D99A160EE7675743D23E2D658106D88000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7ab476012cffa831-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7ab476012cffa831&resource=unknown"

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/YOUR_ID/ 27 B
207 B 579ms
573ms Script
application/javascript 23.52.112.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/YOUR_ID/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.112.115 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-112-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 102 B
960 B 572ms
558ms Script
application/javascript 23.52.112.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=64195be594dee9be&bkl=0&bl=1&pdt=11426&sid=64195be594dee9be&pub=YOUR_ID&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.huntress.com&fp=blog%2Feverything-we-know-about-cve-2023-23397&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1679383525481&jsl=1&uvs=64195be5f430051a000&skipb=1&callback=addthis.cbs.jsonp__249649006374371040
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.112.115 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-112-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dbb34bb54b5f0572830a2d6de4280161e504762decce6b3db394db1af8867cb8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pragma: no-cache
date: Tue, 21 Mar 2023 07:25:27 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 102
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2FA6 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame B09E 71 KB
26 KB 316ms
315ms Document
text/html 23.52.112.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.112.115 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-112-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Tue, 21 Mar 2023 07:25:25 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 3 KB
2 KB 355ms
352ms XHR
application/json 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&pageId=106809771290&pid=3911692&sv=cta-embed-js-static-1.140&rdy=1&cos=1&df=t&pg=40e39240-8f28-4247-989e-af913fc5ff6d&pg=40e39240-8f28-4247-989e-af913fc5ff6d

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/cta/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10b2d7606e83d5695bdfb06629634ed9640c8ba1eeb1dcc0968267fb6f92590d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 21 Mar 2023 07:25:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 169fc8cb-be66-4c61-982f-a1a46f99e0a4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B7AC5F9BFEF525E13495FC90B7F4F508D2592560E000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.huntress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoFrsecpsGwL9d1b3ypEN7V23udH2g8a9BFxjOcrVwqTX4LO6rLsY9l43Pg9EDkeT8GxihIsvf03lnAWhUp9SS7Ey4KZ6D%2BkU60sTMvsOLjnMIm1LiU5gmzzjUAuAoEC9YAejVT61Sm0BrNYOR8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 180
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7ab475fabe71a831-SYD

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
667 B 604ms
349ms Image
image/gif 104.16.89.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 07:25:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 9692a174-c2e5-41b8-ba20-373177557e9e
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Server: cloudflare
X-Trace: 2BB522D0800B7108BA86592877851D78E3222218CE000000000000000000
Vary: origin
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ab476053874a7f9-SYD

GET
H3 200 cta-loaded.js Show response
www.huntress.com/hs/cta/ctas/v2/public/cs/ 0
839 B 409ms
409ms Script
text/plain 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3911692&pg=40e39240-8f28-4247-989e-af913fc5ff6d&lt=1679383523131&dt=1679383523150&at=1679383525867&an=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 21 Mar 2023 07:25:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 65ec4d63-9366-44b1-8682-77f0c6b66fe8
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Mar 2023 07:25:27 GMT
server: cloudflare
x-trace: 2B1C1B6230FA3466F172FB4AFE192CAA98A8469675000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnXikSQHc%2BIV4NHK%2BKXaskDh8KJkJ6D%2FnhA7RjyPZYF34QIYm87iJXaqa7zrq3ZItVP03P%2BkVQZR9uqUQSvh2NSpsGZ5AVB7sMU7Z%2F2Yr1hYINtDHS1G17Z4gTjZ5KgIjHI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
cf-ray: 7ab47603cbe755b7-SYD
x-robots-tag: noindex, follow

GET
H3 200 cta-loaded.js Show response
www.huntress.com/hs/cta/ctas/v2/public/cs/ 0
830 B 366ms
365ms Script
text/plain 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3911692&pg=40e39240-8f28-4247-989e-af913fc5ff6d&lt=1679383523131&dt=1679383523150&at=1679383525868&an=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/cta/cta/current.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 21 Mar 2023 07:25:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a26d7e14-02ba-429d-886b-b8ad5a9ae6ba
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Mar 2023 07:25:27 GMT
server: cloudflare
x-trace: 2B8D5BF743A213EA06420A9F539B691565E307DDE3000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIH3nCqgbH1lqvCKmhhMzQKC9leLe8obry2xR7lAZqBfMZox5Jr%2Bjjm7ffn5uYQ%2BNHRYj%2BUKjyig73p8YbTMkjL5ktBHVKhH1YzgC9ztVJp2imKiO4jI628mdyk8w6B6NBE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
cf-ray: 7ab47603ec0255b7-SYD
x-robots-tag: noindex, follow

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
399 B 494ms
386ms Image
image/gif 104.16.89.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: 1a132ffc-069a-47e9-a035-e9033c46de25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Tue, 21 Mar 2023 07:25:27 GMT
server: cloudflare
x-trace: 2B347F8182B45A9EC24DFED3206AFDC3D56172E797000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7ab47606599ba889-SYD

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
434 B 406ms
384ms Image
image/gif 104.16.89.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: f0045073-33d3-4090-8605-f5bf7c85ab2b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Tue, 21 Mar 2023 07:25:27 GMT
server: cloudflare
x-trace: 2B35C002D1308F8631ADA76DB92402F0851C46D9F7000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7ab476065999a889-SYD

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
667 B 594ms
381ms Image
image/gif 104.16.85.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 07:25:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 718a6dd7-1536-4457-bbb9-c93b104ac530
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
Server: cloudflare
X-Trace: 2BC95FA02C7F08502A40B923AF7C4C2FCC29921BF7000000000000000000
Vary: origin
Content-Type: image/gif
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7ab47607aa075503-SYD

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
512 B 298ms
297ms XHR
application/json 54.225.3.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.225.3.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-3-167.compute-1.amazonaws.com

Software

Resource Hash

b3f68a90e51fffb3a287bb0b53dff5a5d2133cf3e4a33d13534f0df00ab532cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: a73fd8348866c666530f5687f7bc14f2

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
512 B 298ms
297ms XHR
application/json 54.225.3.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.225.3.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-3-167.compute-1.amazonaws.com

Software

Resource Hash

8f7119c3ae58a995d393863ab90376623806239c6c3a9260689bdc88fde26aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: bbd636bdabb77e79d5b7feef81552d19

GET
H2 200 www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 8974 399 KB
51 KB 464ms
463ms Stylesheet
text/css 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 22:15:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51796
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 22:15:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8974 15 KB
16 KB 577ms
192ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:14:53 GMT
x-content-type-options: nosniff
age: 87033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 07:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8974 15 KB
15 KB 625ms
240ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:04:44 GMT
x-content-type-options: nosniff
age: 235242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:04:44 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 8974 346 KB
108 KB 379ms
377ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110099
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Mar 2024 07:41:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 8974 2 MB
609 KB 504ms
503ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

d1cd403161f1ab06eb5830100674c8cdc4aeee39b83d94b0dea719d8907df1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 623625
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 08:09:29 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 8974 9 KB
3 KB 530ms
529ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:09:20 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 0630 399 KB
51 KB 637ms
635ms Stylesheet
text/css 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 22:15:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51796
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 22:15:53 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 0630 346 KB
108 KB 659ms
657ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110099
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Mar 2024 07:41:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 0630 2 MB
609 KB 650ms
649ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

d1cd403161f1ab06eb5830100674c8cdc4aeee39b83d94b0dea719d8907df1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 623625
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 08:09:29 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 0630 9 KB
3 KB 655ms
655ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:09:20 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/59acb1f3/ Frame CABD 399 KB
51 KB 193ms
192ms Stylesheet
text/css 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 22:15:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51796
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 22:15:53 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame CABD 346 KB
108 KB 559ms
557ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110099
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Mar 2024 07:41:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame CABD 2 MB
609 KB 585ms
583ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

d1cd403161f1ab06eb5830100674c8cdc4aeee39b83d94b0dea719d8907df1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 623625
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 08:09:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame CABD 9 KB
3 KB 616ms
613ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:09:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0630 15 KB
15 KB 385ms
383ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:14:53 GMT
x-content-type-options: nosniff
age: 87033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 07:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0630 15 KB
15 KB 441ms
439ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:04:44 GMT
x-content-type-options: nosniff
age: 235242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:04:44 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 9AB9 399 KB
51 KB 201ms
200ms Stylesheet
text/css 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 22:15:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51796
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 22:15:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CABD 15 KB
15 KB 493ms
492ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:14:53 GMT
x-content-type-options: nosniff
age: 87033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 07:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CABD 15 KB
15 KB 557ms
556ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:04:44 GMT
x-content-type-options: nosniff
age: 235242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:04:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9AB9 15 KB
15 KB 590ms
589ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:14:53 GMT
x-content-type-options: nosniff
age: 87033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 07:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9AB9 15 KB
15 KB 624ms
623ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:04:44 GMT
x-content-type-options: nosniff
age: 235242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:04:44 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 9AB9 346 KB
108 KB 559ms
557ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 07:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110099
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Mar 2024 07:41:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 9AB9 2 MB
609 KB 598ms
596ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

d1cd403161f1ab06eb5830100674c8cdc4aeee39b83d94b0dea719d8907df1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 623625
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 08:09:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 9AB9 9 KB
3 KB 632ms
630ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:09:20 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame CB55 320 KB
104 KB 100ms
100ms Document
text/html 192.229.237.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.huntress.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.237.25 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nwa/E78D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 469958
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Mar 2023 07:25:26 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nwa/E78D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame CB55 664 B
605 B 560ms
253ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0a794863c23cece858349992abb2727fec5c00d2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.huntress.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 150
date: Tue, 21 Mar 2023 07:25:26 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 21 Mar 2023 07:25:27 GMT
server: tsa_l
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 38a6ab3134313bb4
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 2d1cb55ea86205968c0ad9324102132cc897df51272f77150e4f59db82fff606
content-length: 284

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 308 KB
86 KB 485ms
242ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=69dcd1ac1dc96eb4caed1bd82dbb802f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

c63b604d15f21c5c2ec47006eea644b7dbc3e4354e8ec9a1d2fe207a0d906b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
Origin: https://www.huntress.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 07:25:27 GMT
content-md5: FlRXCBQ67PfNo4oLOCbJ3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88455
x-fb-rlafr: 0
x-fb-debug: pVjdjXgIVOwzPsZSCfjFj7Cu4QnLGc0Jcr+N1Maae+7//dBRsEEdhNAAqQvWqW7hbM+FbGrWcX5o2m34SOp7GA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 76517317ef9a6c7f958951947be6af7a
cross-origin-opener-policy: same-origin-allow-popups
etag: "a88458277d5194d2ba5e376828288991"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 20 Mar 2024 07:16:04 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
403 B 349ms
343ms XHR
application/json 104.17.130.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=3911692&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.130.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 2ed112f6-9d4a-4470-babc-dfa57aeff48f
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.huntress.com
cache-control: max-age=0
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7ab47603fe145581-SYD

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8974
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
189 B

196ms
194ms

XHR
application/json

74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

7932ecf11b4c33821969f23617314790ab1cccc4a45fec347744111c07ccf669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8974 29 B
495 B 578ms
193ms Script
text/javascript 172.253.118.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f149.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:21:31 GMT
x-content-type-options: nosniff
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Mar 2023 07:36:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 578ms
193ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8974 66 KB
30 KB 317ms
313ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

45072a6d16af7ab2d37ea8d87501284455b09c68d8f2c2b2d69e75f4a28f42af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30859
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 8974 116 KB
36 KB 610ms
610ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

4bfc5420e9912c1ad80de98ae44ed2fad24a9182bad4c0e77e1e047d647c0f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36334
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:04:10 GMT

GET
H2 200 W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js Show response
www.google.com/js/th/ Frame 8974 36 KB
15 KB 577ms
193ms Script
text/javascript 74.125.68.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f99.1e100.net

Software

sffe /

Resource Hash

5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14357
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 08:58:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/zqnCa6MztZU/ Frame 8974 101 KB
101 KB 783ms
394ms Image
image/jpeg 142.251.12.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zqnCa6MztZU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEIgUShlMA8=&rs=AOn4CLDr_rQrr-C-fPXPpMY0VrUeyoW8-w

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f119.1e100.net

Software

sffe /

Resource Hash

d546a6710350a9c1a85aa7afe689f32bda0847cffbb2b765f90b0918d627bd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102995
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Mar 2023 09:25:27 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 8974 27 KB
8 KB 193ms
192ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

340b82675e0ce409122c26a287553ce0c9c0f3888a44746b22062bd4dafdf6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8631
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Mar 2024 16:02:22 GMT

GET
DATA 200
OK truncated
/ Frame 8974 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8974 3 KB
3 KB 590ms
203ms Image
image/jpeg 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

fife /

Resource Hash

819dfbb3b4773187de06060775662d73315d109d3eeb1a31e28d49112ab2fe47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 06:31:50 GMT
x-content-type-options: nosniff
age: 3217
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2963
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Mar 2023 02:25:17 GMT

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 528ms
327ms Preflight
application/octet-stream 104.18.33.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 7ab47607091ca825-SYD
content-length: 0
content-type: application/octet-stream
date: Tue, 21 Mar 2023 07:25:27 GMT
server: cloudflare
timing-allow-origin: *
vary: origin

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
108 B 334ms
331ms XHR
text/plain 104.18.33.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/3911692.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: d9ea1a98-562c-4f40-bff8-a76cccab63e5
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7ab476091b5fa825-SYD

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0630
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

195ms
193ms

XHR
application/json

74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

1800179475fc9eabb19cd58fa6c8ede0bc2a8c5ef2c04b5286067e6c903d21df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0630 29 B
89 B 381ms
193ms Script
text/javascript 172.253.118.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f149.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:21:31 GMT
x-content-type-options: nosniff
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Mar 2023 07:36:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 353ms
194ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0630 66 KB
30 KB 200ms
197ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

f424915a4487a557e62a18d476391dcefd208f8a0d3050e95f1d02a3ee4fc040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30843
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 0630 116 KB
36 KB 393ms
392ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

4bfc5420e9912c1ad80de98ae44ed2fad24a9182bad4c0e77e1e047d647c0f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36334
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:04:10 GMT

GET
H2 200 W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js Show response
www.google.com/js/th/ Frame 0630 36 KB
14 KB 617ms
231ms Script
text/javascript 74.125.68.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f99.1e100.net

Software

sffe /

Resource Hash

5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14357
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 08:58:55 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Qh5BPsf_NMo/ Frame 0630 24 KB
24 KB 366ms
192ms Image
image/jpeg 142.251.12.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Qh5BPsf_NMo/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgVyhCMA8=&rs=AOn4CLCkvpk6WssFz24h0f61EIWw_PJSMA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f119.1e100.net

Software

sffe /

Resource Hash

de1c4324a0656d7d9925b236c4b00d922abbb0056b6912d6ee052e97961c3024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 06:31:48 GMT
x-content-type-options: nosniff
age: 3219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24474
x-xss-protection: 0
server: sffe
etag: "1679022986"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Mar 2023 08:31:48 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 0630 27 KB
8 KB 193ms
193ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

340b82675e0ce409122c26a287553ce0c9c0f3888a44746b22062bd4dafdf6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8631
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Mar 2024 16:02:22 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
356 B 344ms
343ms Image
image/gif 104.16.89.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=4

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: bb9ec062-24a1-4229-aa64-e11a9d7540f2
x-trace: 2B18716DFE1E55E4C9E48D0E393E9F899019B795F5000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7ab476076a54a889-SYD
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 0630 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0630 3 KB
3 KB 362ms
192ms Image
image/jpeg 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

fife /

Resource Hash

819dfbb3b4773187de06060775662d73315d109d3eeb1a31e28d49112ab2fe47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 06:31:50 GMT
x-content-type-options: nosniff
age: 3217
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2963
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Mar 2023 02:25:17 GMT

GET
H2 200 modules.e2da18cc902540af2c47.js Show response
script.hotjar.com/ 264 KB
68 KB 858ms
307ms Script
application/javascript 13.225.103.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e2da18cc902540af2c47.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2159185.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.103.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-103-106.hkg60.r.cloudfront.net

Software

Resource Hash

cc5bf6d7ff854fcd8d901351443e692b013b81e5c47f51e02e3d3685e2ab961c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 11:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2c3102a3dff8da527bfb867c7b7300ce.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG60-C1
age: 71181
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69113
last-modified: Mon, 20 Mar 2023 11:38:47 GMT
etag: "0dbc433f6fb478c9dd6bfaf47096a6fd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QxeuXxdqD_c62KsblRlPw5BnsTRtZnOB_1t6vSYEZgFAezP25d8iUA==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8974 4 KB
2 KB 470ms
193ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 07:25:28 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CABD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

194ms
194ms

XHR
application/json

74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

0b194ca1553d84418a2e68475da10fb7cabd679680c3cbe8d392544b54999edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CABD 29 B
89 B 192ms
192ms Script
text/javascript 172.253.118.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f149.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:21:31 GMT
x-content-type-options: nosniff
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Mar 2023 07:36:31 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0630 4 KB
2 KB 586ms
198ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 07:25:28 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9AB9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

194ms
193ms

XHR
application/json

74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

6ae6e631abb47c88b2a21d24b77ddad3ae126918387eaebbbe81e9909a1716e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Mar 2023 07:25:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9AB9 29 B
89 B 192ms
192ms Script
text/javascript 172.253.118.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f149.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:21:31 GMT
x-content-type-options: nosniff
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Mar 2023 07:36:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 326ms
326ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CABD 66 KB
30 KB 200ms
199ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

ffce8dae243aa4f3f3fc78eeb3ced1fae5d2f486dfe96a0f781b225f5de54fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30907
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame CABD 116 KB
36 KB 193ms
192ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

4bfc5420e9912c1ad80de98ae44ed2fad24a9182bad4c0e77e1e047d647c0f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36334
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:04:10 GMT

GET
H2 200 W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js Show response
www.google.com/js/th/ Frame CABD 36 KB
14 KB 355ms
355ms Script
text/javascript 74.125.68.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f99.1e100.net

Software

sffe /

Resource Hash

5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14357
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 08:58:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/WMFAwLX_O0o/ Frame CABD 113 KB
113 KB 374ms
374ms Image
image/jpeg 142.251.12.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WMFAwLX_O0o/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEUgWShyMA8=&rs=AOn4CLD20ZLAXjo3oiELGUhemlu4drJ8mQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f119.1e100.net

Software

sffe /

Resource Hash

3cc71d18d15b5ce6a5aa8c161185a889853cbb4f5b94dafe1b77a3c3234341e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115637
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Mar 2023 09:25:28 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame CABD 27 KB
8 KB 192ms
192ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

340b82675e0ce409122c26a287553ce0c9c0f3888a44746b22062bd4dafdf6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8631
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Mar 2024 16:02:22 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 248ms
247ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9AB9 66 KB
31 KB 210ms
210ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

8724b08e880d92bab3e5f3344b50ab18754b4805f90f88e9a7c616f8ad219956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31261
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 9AB9 116 KB
36 KB 193ms
192ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

4bfc5420e9912c1ad80de98ae44ed2fad24a9182bad4c0e77e1e047d647c0f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36334
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 05:04:10 GMT

GET
H2 200 W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js Show response
www.google.com/js/th/ Frame 9AB9 36 KB
14 KB 408ms
407ms Script
text/javascript 74.125.68.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f99.1e100.net

Software

sffe /

Resource Hash

5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 08:58:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14357
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 08:58:55 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/c21CsdO7iCE/ Frame 9AB9 105 KB
105 KB 483ms
483ms Image
image/jpeg 142.251.12.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/c21CsdO7iCE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGD4gUShlMA8=&rs=AOn4CLB_7igTE1caRJQmIuHY0HGXH43eZg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f119.1e100.net

Software

sffe /

Resource Hash

0476ac2814eeda00ef2ff7b200a1a757dd0fbd7908742b3d5e81bbd3efcc9b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107146
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Mar 2023 09:25:28 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/ Frame 9AB9 27 KB
8 KB 192ms
192ms Script
text/javascript 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

sffe /

Resource Hash

340b82675e0ce409122c26a287553ce0c9c0f3888a44746b22062bd4dafdf6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8631
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Mar 2024 16:02:22 GMT

GET
DATA 200
OK truncated
/ Frame 9AB9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 9AB9 3 KB
3 KB 193ms
192ms Image
image/jpeg 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

fife /

Resource Hash

819dfbb3b4773187de06060775662d73315d109d3eeb1a31e28d49112ab2fe47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 06:31:50 GMT
x-content-type-options: nosniff
age: 3218
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2963
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Mar 2023 02:25:17 GMT

GET
DATA 200
OK truncated
/ Frame CABD 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame CABD 3 KB
3 KB 201ms
200ms Image
image/jpeg 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/6FqcWoHZvrZixaGi1S3Re3Z90SCS3iq2_36hQSnSHQPtQVVkywH8WKka53MiBYBSP6DmqM-g9w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

fife /

Resource Hash

819dfbb3b4773187de06060775662d73315d109d3eeb1a31e28d49112ab2fe47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 06:31:50 GMT
x-content-type-options: nosniff
age: 3218
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2963
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Mar 2023 02:25:17 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0630 90 B
134 B 273ms
272ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

c7fde7808d71d2745dd9d6dfd82913fa5f725edc3138294fe3042091d7b59c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H2 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 194ms
194ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CABD 4 KB
2 KB 193ms
193ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 07:25:28 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9AB9 4 KB
2 KB 193ms
193ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 07:25:28 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8974 90 B
134 B 197ms
197ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

01170d5ec284f3922c1f655dee01ed3d75e16135b12e59eb970b04e527cd97cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 314ms
314ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 8974 0
10 B 192ms
192ms Image
text/plain 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?_O-sGg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/zqnCa6MztZU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f136.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/zqnCa6MztZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame 8974 50 KB
15 KB 193ms
192ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 21 Mar 2023 22:44:29 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame 0630 50 KB
15 KB 234ms
232ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 21 Mar 2023 22:44:29 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9AB9 90 B
134 B 199ms
198ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

b0ab910d6dd32e4129480e7a9d8d7e934af1a5023377b9c5ce08f23aac3a4bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CABD 90 B
134 B 198ms
197ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

0cef175ac8878c2bf59998e8aad3f6337ed801796ea9b2a602a79b064b029a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame CABD 50 KB
15 KB 193ms
192ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 21 Mar 2023 22:44:29 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame 9AB9 50 KB
15 KB 238ms
237ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 21 Mar 2023 22:44:29 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 0630 0
10 B 192ms
192ms Image
text/plain 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Rz3oWw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Qh5BPsf_NMo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f136.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame CABD 0
10 B 193ms
192ms Image
text/plain 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?4hbWXQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/WMFAwLX_O0o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f136.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 195ms
194ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 195ms
194ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 07:25:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 9AB9 0
10 B 192ms
192ms Image
text/plain 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?c8K6gA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/c21CsdO7iCE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f136.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.youtube.com/embed/c21CsdO7iCE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2159185/ 147 B
322 B 1157ms
388ms XHR
application/json 176.34.148.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2159185/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e2da18cc902540af2c47.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 176.34.148.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-148-185.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
381 B 399ms
392ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=3911692&pi=106809771290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&cpi=106809771290&cgi=39343107504&lpi=106809771290&lvi=106809771290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&t=Everything+We+Know+About+CVE-2023-23397&cts=1679383529144&vi=ab263864f2949690229aba366fba70e3&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 984c8544-51d5-43fa-bce3-8ba18160c9f8
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhyXn5U87PcaCWbXLmHzCyb9sljsE%2F6P7k9UmT%2FmNc2UTSyRSdxP%2FQtPR4ZfifgnYAIFHc5fGK7E8QtPiYo4%2FcZd1lcj5lC%2BOZGTgPZDt5%2F0abzCnU80WFpvUJdZHcFCNyeY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab476118e57a831-SYD
x-robots-tag: none

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
397 B 382ms
382ms Image
image/gif 104.16.89.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: 0c82bbfa-320f-4cc3-ab45-9bbf2a2aca4a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Tue, 21 Mar 2023 07:25:29 GMT
server: cloudflare
x-trace: 2B4D2EA461F971B6A5C933A06A1FDB100ACA8D0C0D000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7ab476118a02a889-SYD

GET
H2 200 __pto.gif
track.hubspot.com/ 45 B
446 B 398ms
392ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__pto.gif?w=1679383529145&m=ReferenceError%3A+hasVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hasVars+is+not+defined%0A++++at+https%3A%2F%2Fwww.huntress.com%2Fhs%2Fcta%2Fcta%2Fcurrent.js%3A1%3A1564%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1679383500000%2F3911692.js%3A20%3A43464)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1679383500000%2F3911692.js%3A20%3A44210)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1679383500000%2F3911692.js%3A20%3A43408)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1679383500000%2F3911692.js%3A20%3A65462)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 19fde0c5-462d-470c-a261-939eaaba85e6
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfSE7QdUuslI7zuLApRW3uqAdm3WVmQp0qjG88SxTaFkUZMJsAbqdC5laaPH68OgS5mTc6Ykfr34CZO0u5Hobt32h9a9qLcYRV7Wue8bfjBOmm%2BOj4SACGsVil%2F0X4JgsjD2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab476118e55a831-SYD
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
448 B 352ms
351ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%2240e39240-8f28-4247-989e-af913fc5ff6d%22%2C%2211f3d86c-bd5d-4c54-8656-c84ab64a3af1%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=3911692&pi=106809771290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&cpi=106809771290&cgi=39343107504&lpi=106809771290&lvi=106809771290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&t=Everything+We+Know+About+CVE-2023-23397&cts=1679383529147&vi=ab263864f2949690229aba366fba70e3&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c36957d5-edf6-441e-a5f7-2bba71dac5cd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ulo%2F%2B7LYahDW2Qjk%2FFXSf0fyTWRtRheQyLn%2Bgnh4Ic8xrKktAcQ5bjz0NKxhDm1aMNcXt26RBBR%2Bt1FOqb8uEGO40Ps7PysImYr6fuD%2Fed%2BZ2mbstaNCn7fqercFbqKsy1mB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab476118e58a831-SYD
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
362 B 385ms
384ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=196be66c-f1bb-4156-af05-2952954526cd&fci=32ad35f9-34f3-4b30-a872-a1519d12bf51&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=3911692&pi=106809771290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&cpi=106809771290&cgi=39343107504&lpi=106809771290&lvi=106809771290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&t=Everything+We+Know+About+CVE-2023-23397&cts=1679383529148&vi=ab263864f2949690229aba366fba70e3&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 73bfd288-2aae-4ae3-b3f8-0ff2d090676e
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdtVM%2BSVfpPcU3vb6bX3nBFzdol1agNgIOL51Xczwuu5gUeQLKs%2B1I09nv8nksJ2jE2XH5paDg1n5X%2B3kQV7IFXDzOWo4S%2B1u8%2FAQo6NKrOgLF36aqZvho5vOysF8JtmGida"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab476118e5aa831-SYD
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
346 B 355ms
354ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=196be66c-f1bb-4156-af05-2952954526cd&fci=32ad35f9-34f3-4b30-a872-a1519d12bf51&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=3911692&pi=106809771290&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&cpi=106809771290&cgi=39343107504&lpi=106809771290&lvi=106809771290&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Feverything-we-know-about-cve-2023-23397&t=Everything+We+Know+About+CVE-2023-23397&cts=1679383529148&vi=ab263864f2949690229aba366fba70e3&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a720e0f3-ecc2-4412-b89e-592a90ceabb8
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvxc2TxLsNRAYz8V4mLJy%2B%2BcuADT%2BWJS%2BkS9vcEC0%2BphF1L5JqsMB60IbnSpXeh4LqoFRRrFxgO5L4xoiY1lMkG8sNYFZwrIORJqUHvbdficOHnNcnYyw1CMhlBhD7gOQOWL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7ab47613c8d2a831-SYD
x-robots-tag: none

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0630 28 B
50 B 219ms
197ms XHR
application/json 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time: 1679383529330
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Qh5BPsf_NMo
X-YouTube-Client-Version: 1.20230314.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt5NnJjSUJwelMwRSjlt-WgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679383527245&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C740%2C416&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 21 Mar 2023 07:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST /
content.hotjar.io/ 0
0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8974 28 B
50 B 200ms
199ms XHR
application/json 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time: 1679383530942
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/zqnCa6MztZU
X-YouTube-Client-Version: 1.20230314.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszZmFJdEtOVEkyZyjlt-WgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679383526745&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C740%2C416&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 21 Mar 2023 07:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CABD 28 B
50 B 224ms
197ms XHR
application/json 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time: 1679383531075
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/WMFAwLX_O0o
X-YouTube-Client-Version: 1.20230314.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtaVXFWSy0tdGpkRSjlt-WgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679383527499&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C740%2C416&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 21 Mar 2023 07:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9AB9 28 B
50 B 221ms
197ms XHR
application/json 74.125.24.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f136.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time: 1679383531134
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/c21CsdO7iCE
X-YouTube-Client-Version: 1.20230314.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtLLU8wQWUzTnk3Yyjlt-WgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679383527505&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C740%2C416&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 21 Mar 2023 07:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H3 200 perf Show response
www.huntress.com/_hcms/ 2 B
577 B 394ms
394ms XHR
text/plain 199.60.103.228
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/perf

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.228 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 21 Mar 2023 07:25:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e60ddb3a-47a8-4411-8cfa-b0acee30e43c
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
server: cloudflare
x-trace: 2BE742246D488DBD041253381B4378B34993C770D6000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dunGUyQPvatNNRvL%2FulojyqAaR9xS3iRxve6S%2BW64gPW15YWHrsLmegaBHbc4sKCmMYqtzbbGqzEt1uAPLWqdo7LB09KvacIDuEf8X1eTyoBnatUHMKbzpd2cHhAmNVnKtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
cf-ray: 7ab476242d8955b7-SYD
x-robots-tag: none

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: content.hotjar.io
URL: https://content.hotjar.io/

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
list-manage.agle1.cc/	1969-12-31 23:59:59	Name: JSESSIONID Value: LXD0maCY9lyCUdjPnzB6Cg
.www.huntress.com/	1970-01-20 10:29:45	Name: __cf_bm Value: vx.mSQRIzLGvtfDZQ2dw9dJefB7kHnocj1KwnITUbko-1679383521-0-AXgTb+L6it0rxeOuOFxd0Bl1LHYBXlgWrPuWlwHHfPwHS+2TqMlVqgbDCRZmn+/1k8onCgnw9g3vW8aROD/OkSE=
.www.huntress.com/	1969-12-31 23:59:59	Name: __cfruid Value: 8bb6bbe11196489aeb3f60d043da6ad354c4f0f5-1679383521
.hubspot.com/	1970-01-20 10:29:45	Name: __cf_bm Value: fl3MwR6fZXNo2SU8FwD9ZD13X4Mwj6I16Gs2OD5hxfs-1679383523-0-AdHnYwqbNyJ1Z7A4g6cYTVOLIm7WIeejFHQ6HCw8jW6mGmiuW6bV3TspFBuRwYIvJmnSfqeSIAw7A3XkOg0v8Wo=
.huntress.com/	1970-01-20 10:29:45	Name: _sp_ses.1564 Value: *
.huntress.com/	1970-01-20 20:05:43	Name: _sp_id.1564 Value: b08b3a0a-0131-43c7-a771-c0bba40dcdc5.1679383525.1.1679383525.1679383525.d2d0da4e-99bb-4b59-bb84-5e389634b97b
.huntress.com/	1970-01-20 19:16:45	Name: _vwo_uuid_v2 Value: DA3161FE3E6B16DD438AC492C0F20A4AB\|40a4e68b8a7b89c90712ec7a944cae9c
www.huntress.com/	1970-01-20 20:01:24	Name: __atuvc Value: 1%7C12
www.huntress.com/	1970-01-20 10:29:45	Name: __atuvs Value: 64195be5f430051a000
.addthis.com/	1970-01-20 20:01:24	Name: uvc Value: 1%7C12
www.huntress.com/	1970-01-20 10:39:48	Name: slireg Value: https://scout.us4.salesloft.com
www.huntress.com/	1970-01-20 19:15:19	Name: slirequested Value: true
www.huntress.com/	1970-01-20 19:15:19	Name: sliguid Value: 533d0120-b09b-44eb-9046-1f34432f9ac0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: j4Phlo1s65Y
.youtube.com/	1970-01-20 14:48:55	Name: VISITOR_INFO1_LIVE Value: K-O0Ae3Ny7c
.addthis.com/	1970-01-20 19:51:19	Name: ouid Value: 64195be7000155d819e327f9a9f90b8f0f3c99c8c16e77cd39e2
.addthis.com/	1970-01-20 19:51:19	Name: di2 Value: aVVbl#%$h#$M`#!M{PLbPLaP/lO&oLF[LFWI?\|6Hq#1:R#19w#)Fm
.addthis.com/	1970-01-20 19:51:19	Name: um Value: j.'2023032107252715000452807689'
.addthis.com/	1970-01-20 19:51:19	Name: uid Value: 64195be76e82f451
.addthis.com/	1970-01-20 19:51:19	Name: na_id Value: 2023032107252715000452807689
.addthis.com/	1970-01-20 19:51:19	Name: vc Value: 2
.addthis.com/	1970-01-20 20:01:24	Name: loc Value: MDAwMDBPQ0FVMDAxNDYxMzMxMjExNzAwMDBDSA==
.huntress.com/	1970-01-20 19:15:19	Name: _hjSessionUser_2159185 Value: eyJpZCI6IjI5ZjRlYjBjLWM5ZTAtNTM2NC04MjllLTE3ZTJiNWQyZGQ0NiIsImNyZWF0ZWQiOjE2NzkzODM1Mjg5NzQsImV4aXN0aW5nIjpmYWxzZX0=
.huntress.com/	1970-01-20 10:29:45	Name: _hjFirstSeen Value: 1
.huntress.com/	1970-01-20 10:29:43	Name: _hjIncludedInSessionSample_2159185 Value: 1
.huntress.com/	1970-01-20 10:29:45	Name: _hjSession_2159185 Value: eyJpZCI6ImRjZTQ0Nzg0LWE0ZjktNDc1NS04ODAxLTY3ODU0YWM3NzVjMiIsImNyZWF0ZWQiOjE2NzkzODM1Mjg5ODIsImluU2FtcGxlIjp0cnVlfQ==
www.huntress.com/	1970-01-20 10:29:43	Name: _hjIncludedInPageviewSample Value: 1
.huntress.com/	1970-01-20 10:29:45	Name: _hjAbsoluteSessionInProgress Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397(Line 1859) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3911692.fs1.hubspotusercontent-na1.net
app.hubspot.com
cdn.jsdelivr.net
cdn2.hubspot.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
content.hotjar.io
cta-service-cms2.hubspot.com
dev.visualwebsiteoptimizer.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
i.ytimg.com
in.hotjar.com
jnn-pa.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
list-manage.agle1.cc
m.addthis.com
no-cache.hubspot.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
s7.addthis.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
static.doubleclick.net
static.hotjar.com
syndication.twitter.com
track.hubspot.com
v1.addthisedge.com
webhooks.fivetran.com
www.google.com
www.gstatic.com
www.huntress.com
www.youtube.com
yt3.ggpht.com
z.moatads.com
content.hotjar.io
s7.addthis.com
104.16.85.5
104.16.89.20
104.16.89.5
104.17.115.176
104.17.130.171
104.17.233.204
104.17.243.204
104.17.25.14
104.17.69.176
104.18.223.90
104.18.33.171
104.19.154.83
104.244.42.8
104.75.165.244
13.225.103.106
13.225.103.94
142.251.10.94
142.251.12.119
142.251.12.121
142.251.12.95
157.240.235.1
172.217.194.132
172.253.118.149
172.64.154.216
176.34.148.185
192.229.237.25
199.60.103.228
23.52.112.115
34.139.124.58
34.96.102.137
42.99.140.211
54.225.3.167
69.16.175.10
74.125.200.94
74.125.24.136
74.125.68.156
74.125.68.99
01170d5ec284f3922c1f655dee01ed3d75e16135b12e59eb970b04e527cd97cb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0476ac2814eeda00ef2ff7b200a1a757dd0fbd7908742b3d5e81bbd3efcc9b4e
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
062000ed088a56d5d283950b0fee6ef862b13eabe1144b43092b5e980cb7d2c5
0b194ca1553d84418a2e68475da10fb7cabd679680c3cbe8d392544b54999edd
0cef175ac8878c2bf59998e8aad3f6337ed801796ea9b2a602a79b064b029a0a
10b2d7606e83d5695bdfb06629634ed9640c8ba1eeb1dcc0968267fb6f92590d
11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868
1800179475fc9eabb19cd58fa6c8ede0bc2a8c5ef2c04b5286067e6c903d21df
19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844
24bf1462917f99639fe1db5284b292d9f2dfb6ab5629d2426b5243a4db6b5b47
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
29538a3d1fe20b9a25fb0b02ba37828fb457bba76c294a40a1c81638ce1b9886
295c420318d37ced90a8a681fe353fe027fd60e83a16ff965950cac3ccb22b4b
295fe623d1742c976f775c008be5bcb815be503e1cd7811aafdc08cd12682c25
299c86a9f0a44c5d7958234cfb021c3c73746ade2289d327778c7b08754947af
2ae7aa2c0a0e19050d31636218639574b56fd5677c5cd4c0d3d587df6a9f0e32
3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364
340b82675e0ce409122c26a287553ce0c9c0f3888a44746b22062bd4dafdf6fa
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3cc71d18d15b5ce6a5aa8c161185a889853cbb4f5b94dafe1b77a3c3234341e6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2
45072a6d16af7ab2d37ea8d87501284455b09c68d8f2c2b2d69e75f4a28f42af
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
46bac3ec4bf7b11a30e127a3a67e533d834e29849b9c71ae0fbd3da5f782a189
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4a2656abff35c90593bc6bc28c90c5960cb35d8b1c441a2fff51abf24a8c8520
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4bfc5420e9912c1ad80de98ae44ed2fad24a9182bad4c0e77e1e047d647c0f78
558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33
5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403
6145ffccacbf92ec04526c41b5e912e6555a7102a0515c64d5ae5b6002c8e4cf
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
63d7ec4bfc7f133b7de69b6cb5bcb05aaacf336196c01016d11a4112ac669c7b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae6e631abb47c88b2a21d24b77ddad3ae126918387eaebbbe81e9909a1716e9
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
7932ecf11b4c33821969f23617314790ab1cccc4a45fec347744111c07ccf669
79bb1b80606f5282fa20cea179f7c7f619eb1848b1d550a9e13857477cd1c38e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f88c3a17b2d1cd4ae2ed32f2a1efa3f60636ee55ef6255d95d1f17f4cd1f50b
80c5b115d3add1695dfb3e5c6f2ad3ba4ff7fc27e76b7247a1958a609eb2b3ea
819dfbb3b4773187de06060775662d73315d109d3eeb1a31e28d49112ab2fe47
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8635796c350308ea6419713250a1cae02120881c6cc990f3b0562821201e7266
86a237382230f522dad7322282ae762d3e6a8afdb38ad64f4bc9647320e2364e
8724b08e880d92bab3e5f3344b50ab18754b4805f90f88e9a7c616f8ad219956
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8ee1caa737e585d6cf4a91ab01b27aff627c2056544d7c9e4f704f1a9176a023
8f7119c3ae58a995d393863ab90376623806239c6c3a9260689bdc88fde26aa7
935ca3aeeb6f4e0cbc8160dd1d35ff0ffe94f719156c0330fd0e20f21d6965d2
954f86735dfd8abf4d923b985e719ab1ae438a2fb15a22346b141879538f4a83
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9d24eb5dee55f30a11bc4873997bdb980b2fbae8d8d89b166dbc4cf1a45f89e6
a0865e79e9901da86a71e114a56e384080426784c5d18c9909e34a7470bee003
aad4b41123dd3a244cebc4b650de024f2650df1fba41d62ae4c9e4adcf4bc344
ac55986f43a7a12101835ace8d62b72e6207aa9a0c71af1b07fb014e88c8c45f
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b0ab910d6dd32e4129480e7a9d8d7e934af1a5023377b9c5ce08f23aac3a4bd5
b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480
b355e659eb1f476e9bb8b33c109b4c47718d902e483db104fcfea35cfc8a5584
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b3f2b8b4f35e3ac89735724f660e345274378e92d3d1c1f2695c04a0460fab3c
b3f68a90e51fffb3a287bb0b53dff5a5d2133cf3e4a33d13534f0df00ab532cb
b820ca27127163e2d3feba895bc2722878e51c676c44b9d52f89dacdf24a01f6
b860656603a5037d589fbc590dae90f79f93a93fa0c0b9511e3aa8df3e1a5ca2
b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e
bfe056293886177b09ff745622e1ed914c80210571ba1c1f357e26f2a456cc10
c14d9ab83afefac27b8b16689d2d1444e1d0d93ad55bbd1a55895fccfef24f74
c325a3a446a33b8dfb329feec9df9c003de983a5c64bc3d27696c646e8d963c6
c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c
c63b604d15f21c5c2ec47006eea644b7dbc3e4354e8ec9a1d2fe207a0d906b82
c7fde7808d71d2745dd9d6dfd82913fa5f725edc3138294fe3042091d7b59c5b
c9162d4290d87dcbc846b47826cc97577d6ec6e910476989575f0cb135d2f220
cc5bf6d7ff854fcd8d901351443e692b013b81e5c47f51e02e3d3685e2ab961c
ccaabd1f9aa371b58a46ba623deadf51680ab27109b399559724856bf925ec9d
d1cd403161f1ab06eb5830100674c8cdc4aeee39b83d94b0dea719d8907df1c7
d4067930b3bd986758e5cf0716f632eed56d9628eba4fc6d9002a00cc94110dc
d546a6710350a9c1a85aa7afe689f32bda0847cffbb2b765f90b0918d627bd5d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e
db247da989b444145ac8089c0e67518ec866692e3a063d55fbd677e7b93247ee
dbb34bb54b5f0572830a2d6de4280161e504762decce6b3db394db1af8867cb8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcbf1fab6443e45f4c46e7ca2f324c0b2a0e236ddd8a4e65e97b12c129b3094f
de1c4324a0656d7d9925b236c4b00d922abbb0056b6912d6ee052e97961c3024
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e
ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eeab6099229124c0acf1a7cbccf49c55808ca5de5ba8468e03d98bcfcdab3ed7
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3
f424915a4487a557e62a18d476391dcefd208f8a0d3050e95f1d02a3ee4fc040
f7bdf8f9ec125444bedd4c013d5b956636ea5b8407e0b60c991a361f65beab99
fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860
fc9f94bac395a68b247d7b18c56682d5e3105df9fb210f428f379fa8b16496a8
fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffce8dae243aa4f3f3fc78eeb3ced1fae5d2f486dfe96a0f781b225f5de54fa7

www.huntress.com Open in urlscan Pro 199.60.103.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

97 %HTTPS

0 %IPv6

32 Domains

45 Subdomains

37 IPs

6 Countries

6055 kBTransfer

18674 kBSize

28 Cookies

47 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.huntress.com Open in urlscan Pro
199.60.103.228 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

97 %
HTTPS

0 %
IPv6

32
Domains

45
Subdomains

37
IPs

6
Countries

6055 kB
Transfer

18674 kB
Size

28
Cookies

184 HTTP transactions
4 data transactions