portal.offsec.com Open in urlscan Pro
104.22.75.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://portal.offsec.com/api/logout/r/?rd=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI...
Effective URL:
https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDI...
Submission: On November 18 via manual (November 18th 2023, 8:26:52 pm UTC) from AU — Scanned from AU

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 76 HTTP transactions. The main IP is 104.22.75.103, located in and belongs to CLOUDFLARENET, US. The main domain is portal.offsec.com.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.

This is the only time portal.offsec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	104.22.75.103 104.22.75.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.24.42 172.217.24.42	15169 (GOOGLE) (GOOGLE)
2	23.32.5.175 23.32.5.175	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	23.38.128.171 23.38.128.171	16625 (AKAMAI-AS) (AKAMAI-AS)
6	172.67.70.147 172.67.70.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	18.67.111.112 18.67.111.112	16509 (AMAZON-02) (AMAZON-02)
1	34.213.255.230 34.213.255.230	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.22.54.104 104.22.54.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
1 2	172.217.167.100 172.217.167.100	15169 (GOOGLE) (GOOGLE)
2	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
1	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
2	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	34.249.168.150 34.249.168.150	16509 (AMAZON-02) (AMAZON-02)
1	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
76	19

22 104.22.75.103 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

portal.offsec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.5.175 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-175.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.128.171 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-128-171.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.70.147 (United States)

ASN13335 (CLOUDFLARENET, US)

static.userguiding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.userguiding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.111.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-112.syd62.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.255.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-255-230.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505643676336128.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.54.104 (None, )

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.124.249.6 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net

offsec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.168.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-168-150.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	offsec.com 1 redirects portal.offsec.com offsec.com — Cisco Umbrella Rank: 455747	5 MB
19	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249 r.stripe.com — Cisco Umbrella Rank: 3546	617 KB
6	userguiding.com static.userguiding.com — Cisco Umbrella Rank: 46275 user.userguiding.com — Cisco Umbrella Rank: 53814	491 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4470 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5121	35 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net Failed	2 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com Failed	671 B
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6067 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5420	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	18 KB
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 28394	455 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	74 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	sentry.io o4505643676336128.ingest.sentry.io	324 B
76	13

	Domain	Requested by
22	portal.offsec.com	1 redirects portal.offsec.com consent.cookiebot.com
9	js.stripe.com	portal.offsec.com consent.cookiebot.com js.stripe.com
5	r.stripe.com	js.stripe.com
4	user.userguiding.com	portal.offsec.com
4	q.stripe.com	portal.offsec.com
3	fonts.googleapis.com	portal.offsec.com
2	offsec.com	portal.offsec.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google.com	1 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	static.userguiding.com	portal.offsec.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	consent.cookiebot.com	portal.offsec.com consent.cookiebot.com
1	www.google.com.au
1	rum-collector-2.pingdom.net	portal.offsec.com
1	www.googletagmanager.com	portal.offsec.com
1	fonts.gstatic.com	fonts.googleapis.com
1	rum-static.pingdom.net	portal.offsec.com
1	o4505643676336128.ingest.sentry.io	portal.offsec.com
1	m.stripe.com	m.stripe.network
0	stats.g.doubleclick.net Failed	portal.offsec.com
0	analytics.google.com Failed	portal.offsec.com
76	22

This site contains no links.

Subject Issuer	Validity	Valid
offsec.com E1	`2023-10-24` - `2024-01-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
Frame ID: 7541085BAA9DCEB270E270F506FEDF32
Requests: 54 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 1A79173CBA13F20117FF90BD9F6D28D1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 77651F7F0180D5D5E76F5C793BCE28ED
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 97B0FAD14754B3763EB8A52F7140AA1E
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Frame ID: EC7D5ADC5EF4C05F7A7E0A8E45B1EAEE
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OffSec | Sign up

Page URL History Show full URLs

https://portal.offsec.com/api/logout/r/?rd=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Fli... HTTP 302
https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY... Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

76
Requests

86 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

19
IPs

4
Countries

6019 kB
Transfer

21241 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://portal.offsec.com/api/logout/r/?rd=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc HTTP 302
https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/landing?gcs=G111&gcd=11n1n1l1l5&rnd=1079750104.1700339210&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&dma=0&gtm=45Fe3b81n81K6DJWQRv892450498&auid=1212153950.1700339210 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1l1l5&rnd=1079750104.1700339210&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&dma=0&gtm=45Fe3b81n81K6DJWQRv892450498&auid=1212153950.1700339210

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request enterprise Show response
portal.offsec.com/sign-up/
Redirect Chain

https://portal.offsec.com/api/logout/r/?rd=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3M...
https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9...

3 KB
1 KB

218ms
216ms

Document
text/html

104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c84d99c8c6cfedf7b56abeb383fbfb86cffcb3a9a385e8444c620634e26caec

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8282f345bbaca973-SYD
content-encoding: gzip
content-type: text/html
date: Sat, 18 Nov 2023 20:26:46 GMT
last-modified: Fri, 17 Nov 2023 17:51:50 GMT
server: cloudflare
x-frame-options: DENY

Redirect headers

allow: GET, HEAD, OPTIONS
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 8282f3444ab2a973-SYD
content-length: 0
cross-origin-opener-policy: same-origin
date: Sat, 18 Nov 2023 20:26:46 GMT
expires: Sat, 18 Nov 2023 20:26:45 GMT
location: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
referrer-policy: same-origin
server: cloudflare
vary: Authorization, Origin, Cookie
x-content-type-options: nosniff
x-frame-options: DENY
x-trace: 2B417A3A164384CAA29F068278B74DF4CBC91E086C78669D06C45752E700

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 593ms
194ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 20:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 19:55:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 20:26:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 496ms
97ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

47a8a3cac11d58041b7c0874be17d4c7f9a71fe87ec09e8dc3dbf047438346d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 20:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 19:43:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 20:26:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
495 B 496ms
97ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f10.1e100.net

Software

ESF /

Resource Hash

a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 20:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 19:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 20:26:46 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 329ms
8ms Script
application/javascript 23.32.5.175
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: portal.offsec.com
URL: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.175 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-5-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 865ab4a87f33a53ccca83280b1579c59c37e0913aa51a5ae543dd193e38fc55d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Sat, 18 Nov 2023 20:26:46 GMT
content-encoding: gzip
last-modified: Tue, 14 Nov 2023 12:47:42 GMT
etag: "1e932c2f816da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=148
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33488
expires: Sat, 18 Nov 2023 20:29:14 GMT

GET
H2 200 index.34717732.js Show response
portal.offsec.com/assets/ 8 MB
2 MB 12ms
11ms Script
application/javascript 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/assets/index.34717732.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

429b7213e827efdb27bf7a7f00f09ea2de406bc8df3665818f76612dc86dd0b5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
Origin: https://portal.offsec.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:51:50 GMT
server: cloudflare
age: 3479
etag: W/"6557a836-78425c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8282f3472c6ba973-SYD

GET
H2 200 index.b2a5cc3b.css
portal.offsec.com/assets/ 547 KB
83 KB 15ms
14ms Stylesheet
text/css 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/assets/index.b2a5cc3b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e32b2b976870a44be32f5eeef26e6a5bbeb62ec74fd3f5fd385e696da6220

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:51:50 GMT
server: cloudflare
age: 7111
etag: W/"6557a836-88aef"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=120
cf-ray: 8282f3472c69a973-SYD

GET
H2 200 / Show response
js.stripe.com/v3/ 556 KB
154 KB 428ms
139ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 20:26:46 GMT
via: 1.1 varnish
age: 28
x-cache: HIT
content-length: 157344
x-request-id: cc367c88-4337-4156-ad1f-04b04c0a831c
x-served-by: cache-bfi-kbfi7400036-BFI
last-modified: Fri, 17 Nov 2023 21:35:53 GMT
server: Fastly
etag: "b2cc65458b2c4ec73e91a4fb930e6217"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/5cfe7093-608f-4f4e-80b4-925b1e9d949f/portal.offsec.com/ 855 B
1 KB 319ms
6ms Script
application/x-javascript 23.38.128.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/5cfe7093-608f-4f4e-80b4-925b1e9d949f/portal.offsec.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.128.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-128-171.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8cba5c259f466f8a2addf53f7ee0265478cce850375df9a2f22788b9fa5082f4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:47 GMT
last-modified: Fri, 17 Nov 2023 15:04:46 GMT
server: AkamaiNetStorage
etag: "281839165dd23a87af2e7732aa20d4a9:1700233486.222699"
content-type: application/x-javascript
cache-control: max-age=84224
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1700339207178_386003006_23445586_336_526_1_0_146";dur=1
accept-ranges: bytes
content-length: 855
expires: Sun, 19 Nov 2023 19:50:31 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/5cfe7093-608f-4f4e-80b4-925b1e9d949f/ 39 B
419 B 280ms
279ms Script
application/x-javascript 23.32.5.175
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/5cfe7093-608f-4f4e-80b4-925b1e9d949f/cc.js?renew=false&referer=portal.offsec.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22US-06%22%2C%22i%22%3A%226abbf59f-78fd-4d8f-ac7e-b57c0f046bbf%22%7D%5D
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.175 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-5-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea352f086a7b94da48e76f5b9c544e3364e5a7c997fd7c42f8c8eea7a80cd60f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:47 GMT
content-encoding: gzip
last-modified: Sat, 18 Nov 2023 20:26:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 156
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 1A79 627 B
809 B 215ms
4ms Document
text/html 23.38.128.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.128.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-128-171.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://portal.offsec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31118810
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:26:47 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Wed, 13 Nov 2024 00:33:37 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1700339207172_386003006_23445585_26_893_1_4_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 user-guiding-011471158ID-embedded.js Show response
static.userguiding.com/media/ 2 MB
474 KB 1871ms
1557ms Script
application/javascript 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.userguiding.com/media/user-guiding-011471158ID-embedded.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9f3241db2b5d82f18f9282662790d3ba8b7e8f03a929469c51f08578ebb6f40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
last-modified: Sat, 18 Nov 2023 14:50:46 GMT
server: cloudflare
etag: W/"1ba5ea-18be2e9aa6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4fc05RpG9Ckg%2Bbvjo4zN%2F0nPBf6xg2oNZmsb4VMzCiy4Z6oi%2FOEDigx8QMw%2FEydnv5eMqTtwWTk%2BYzQCzTdaLuNrROaId0ARuXDP9uSPPnNlcpzPcNrHhbF1iiCCPXYRpDNuhQX5OQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-sent: true
x-timestamp: 1700339207823
cache-control: public, max-age=1800
cf-ray: 8282f34efbb7dfa7-SYD

GET
H2 200 index.34717732.js Show response
portal.offsec.com/assets/ 8 MB
2 MB 15ms
15ms Script
application/javascript 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/assets/index.34717732.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

429b7213e827efdb27bf7a7f00f09ea2de406bc8df3665818f76612dc86dd0b5

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
Origin: https://portal.offsec.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:51:50 GMT
server: cloudflare
age: 3480
etag: W/"6557a836-78425c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8282f34cff7da973-SYD

GET
H2 200 config.json Show response
portal.offsec.com/ 2 KB
1 KB 215ms
215ms Fetch
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/config.json

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4fc621d6f2af125c4d226ddba692ae347e1b052f9c5f4999ba4f23c6e95ecff

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 17 Nov 2023 17:54:37 GMT
server: cloudflare
etag: W/"6557a8dd-7a9"
x-frame-options: DENY
content-type: application/json
cf-ray: 8282f3503940a973-SYD

GET
H2 200 / Show response
js.stripe.com/v3/ 556 KB
154 KB 140ms
140ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 20:26:47 GMT
via: 1.1 varnish
age: 28
x-cache: HIT
content-length: 157344
x-request-id: 1d6fa76f-57f5-4789-996d-622c2a99378a
x-served-by: cache-bfi-kbfi7400036-BFI
last-modified: Fri, 17 Nov 2023 21:35:54 GMT
server: Fastly
etag: "b2cc65458b2c4ec73e91a4fb930e6217"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 7765 200 B
840 B 139ms
139ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.offsec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6130945
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 20:26:48 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 197718
x-content-type-options: nosniff
x-request-id: 6da8916e-62a4-4bc1-88ef-062f214474bb
x-served-by: cache-bfi-kbfi7400036-BFI

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7765 631 B
533 B 140ms
139ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 20:26:48 GMT
via: 1.1 varnish
age: 6130946
x-cache: HIT
content-length: 399
x-request-id: fca6729f-8857-4415-a447-56cbf492e408
x-served-by: cache-bfi-kbfi7400036-BFI
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 187451

POST
H2 200 csp-report
q.stripe.com/ Frame 7765 0
717 B 461ms
154ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 20:26:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700339208482509
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700339208482041
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7765 0
717 B 461ms
155ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 20:26:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700339208482671
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700339208482088
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 97B0 930 B
2 KB 326ms
5ms Document
text/html 18.67.111.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-112.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 277
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 20:22:15 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 3468af8a053b0ff241626aed87444af8.cloudfront.net (CloudFront)
x-amz-cf-id: nU5bUM9vu_TscLR3r0SqzH6BhJiIZ7uwNPzvKWg-gh0VeV78OvrbkQ==
x-amz-cf-pop: SYD62-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 97B0 0
491 B 154ms
154ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 20:26:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700339208646746
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1700339208646368
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 97B0 87 KB
16 KB 5ms
5ms Script
text/javascript 18.67.111.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-112.syd62.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:22:15 GMT
content-encoding: gzip
via: 1.1 3468af8a053b0ff241626aed87444af8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 274
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: SYD62-P2
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: -SLB7kvEPHoThPwNiMmLlOHsaj8zR5zg_X_0Z7yiWlr2pO5DADfT-A==

POST
H2 200 6 Show response
m.stripe.com/ Frame 97B0 156 B
670 B 456ms
155ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

eb9ee66808c3c7380ee43c8ae84107dd6aa167ce448e7411ad86bf61ec4a988f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 18 Nov 2023 20:26:48 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700339208992790
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700339208992450
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 index.b0900fa2.js Show response
portal.offsec.com/assets/ 5 KB
2 KB 12ms
12ms Script
application/javascript 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/assets/index.b0900fa2.js

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed41f5d77e880cdce9834420568f928b1d4f70acf123b2dca142583c46f5901

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://portal.offsec.com/assets/index.34717732.js
Origin: https://portal.offsec.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 17:51:50 GMT
server: cloudflare
age: 5901
etag: W/"6557a836-129b"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8282f3585e86a973-SYD

POST
H2 401 me Show response
portal.offsec.com/api/ 0
177 B 228ms
228ms XHR
text/plain 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/me

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 0
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BD96DC662E7F0FDFBC07A238684CA94CB35A2F880CBE1F28BB85AF55100
allow: POST, OPTIONS
vary: Authorization, Origin, Cookie
access-control-allow-origin: https://portal.offsec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
x-frame-options: DENY
cf-ray: 8282f3585e88a973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

GET
H2 200 controller-3132e16734973ccb58066950185c0af5.html Show response
js.stripe.com/v3/ Frame EC7D 325 B
871 B 140ms
139ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.offsec.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 14
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 20:26:49 GMT
etag: "3132e16734973ccb58066950185c0af5"
last-modified: Fri, 17 Nov 2023 21:03:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: f11f7fb5-2a9d-4fea-a327-a00f77da189d
x-served-by: cache-bfi-kbfi7400036-BFI

GET
H2 200 gtm.js Show response
portal.offsec.com/omd/ 235 KB
79 KB 462ms
462ms Script
application/javascript 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.offsec.com/omd/gtm.js?id=GTM-K6DJWQR
Requested by: Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.b0900fa2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1340d26ae607a2e5c49bb9dc1e6bf2e84e18464e1d84cf2b409f7efafd0d68c5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
cf-cache-status: BYPASS
last-modified: Sat, 18 Nov 2023 18:00:00 GMT
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
cf-ray: 8282f3586e91a973-SYD
expires: Sat, 18 Nov 2023 20:41:15 GMT

GET
H2 200 / Show response
portal.offsec.com/api/operating-systems-families/ 159 B
246 B 226ms
226ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/operating-systems-families/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05212b78ded8432e79e8a7e9457c5959fc5b0e6c5f4b9dd981f67fee6b6ccbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BAF5B55F294DDA93D0B0B45A6A714E50120E28EC619B9A350B1414C5200
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f3587e9ca973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

POST
H2 401 me Show response
portal.offsec.com/api/ 0
92 B 231ms
231ms XHR
text/plain 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/me

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 0
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BFDE1C19743608D44005CBAFAE9D2E7FEF9B24ADAFAC9DB489C51A69C00
allow: POST, OPTIONS
vary: Authorization, Origin, Cookie
access-control-allow-origin: https://portal.offsec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
x-frame-options: DENY
cf-ray: 8282f3587e9ea973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

POST
H2 200 / Show response
o4505643676336128.ingest.sentry.io/api/4505643677646848/envelope/ 2 B
324 B 20ms
5ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505643676336128.ingest.sentry.io/api/4505643677646848/envelope/?sentry_key=cdf3fa7a300f4468804f5c526ad2171d&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.68.0

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://portal.offsec.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 pa-6099867f5391000011000396.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 1396ms
1084ms Script
application/javascript 104.22.54.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-6099867f5391000011000396.js
Requested by: Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688bc559b0281cf409122a6ba79dd31ccf7491fbd4075a89c409b376f4417223

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:50 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8282f35aafe95575-SYD
expires: Sat, 18 Nov 2023 20:31:50 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 400ms
3ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.offsec.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:24:01 GMT
x-content-type-options: nosniff
age: 162168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:24:01 GMT

GET
BLOB 200
OK e91b0b08-c806-49be-b029-d522383361c9
https://portal.offsec.com/ 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.offsec.com/e91b0b08-c806-49be-b029-d522383361c9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

POST
H2 200 csp-report
q.stripe.com/ Frame EC7D 0
718 B 165ms
165ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700339209239398
x-envoy-upstream-service-time: 13
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700339209234706
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-7cc701e41de11d39c80345b2a8d3fc73.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EC7D 534 KB
129 KB 140ms
140ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 20:26:49 GMT
via: 1.1 varnish
age: 84154
x-cache: HIT
content-length: 132140
x-request-id: 51012c50-6e87-45d0-9743-87d8d31a3b66
x-served-by: cache-bfi-kbfi7400036-BFI
last-modified: Fri, 17 Nov 2023 21:03:17 GMT
server: Fastly
etag: "53769739a53ea437a208dabadb1a17b1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 controller-d2b86c303c66a70842cb3c54e2f4456f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EC7D 663 KB
172 KB 172ms
172ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-d2b86c303c66a70842cb3c54e2f4456f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 20:26:49 GMT
via: 1.1 varnish
age: 84153
x-cache: HIT
content-length: 176348
x-request-id: 4a214d5e-961c-411e-a6fb-bf01445c2db6
x-served-by: cache-bfi-kbfi7400036-BFI
last-modified: Fri, 17 Nov 2023 21:03:14 GMT
server: Fastly
etag: "5d94d4fa99a156ddc3ebe1357bee1d9a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26

GET
H2 200 / Show response
portal.offsec.com/api/playground/labs/ 225 B
247 B 238ms
237ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/playground/labs/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37b44f3d5d1027e1ccbb18841ce7d8adf5140c5d7cd04c38da10eb512979a6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BA5A25E045435ABD8051C2BEBEC5AECC1E9B5AC6B94A802CDF281698D00
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin, Cookie
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f359df5aa973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

GET
H2 200 verify Show response
portal.offsec.com/services/accounts/v1/invite/ 40 B
387 B 1868ms
1867ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.offsec.com/services/accounts/v1/invite/verify?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
Requested by: Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6fe8db57354f168502f5f7cabbce3f3034ffcb912c90940c8ab6e1becc01d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"28-uNFJ8+Su23RmKwt0f3XASUaWfD4"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 8282f359ef65a973-SYD
access-control-allow-headers: Authorization,Origin,Accept,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,X-Property-Casing
content-length: 40

GET
H2 200 sdk-011471158ID.json Show response
static.userguiding.com/media/ 116 KB
15 KB 532ms
221ms XHR
application/json 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.userguiding.com/media/sdk-011471158ID.json

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a553ef554e758b15cad5048e37c735d0afde8a36f33428c0d8523b1bb08a886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
last-modified: Sat, 18 Nov 2023 20:01:20 GMT
server: cloudflare
etag: W/"1cff7-18be405fee8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzgrRe7u38ytkOx9CESNjsbfUlWg%2BwDvMyzGbdwlr4%2FT%2Bq9%2F57PgYotqgVcb0e3ciwWKXs%2Bl84uwyTSbKJ87Cr3ZV%2B0NxUVKsSM9uV5ptZocVogvlirmYep75yL6iMYJwcAoFuyK%2BGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-sent: true
x-timestamp: 1700339209771
cache-control: public, max-age=0
cf-ray: 8282f35c8c8c5c0f-SYD

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EC7D 474 B
369 B 462ms
153ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 298
x-request-id: 7576c5f1-7d9c-4131-949a-bce079cf42ec
x-served-by: cache-bfi-krnt7300032-BFI
last-modified: Fri, 17 Nov 2023 21:38:14 GMT
server: Fastly
etag: "fff34dce28f81b9d8afc4b96ff54fb36"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame EC7D 474 B
612 B 452ms
152ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 298
x-request-id: cd41254b-626a-4129-80ef-61ae62287afc
x-served-by: cache-bfi-krnt7300032-BFI
last-modified: Fri, 17 Nov 2023 21:38:14 GMT
server: Fastly
etag: "fff34dce28f81b9d8afc4b96ff54fb36"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 / Show response
portal.offsec.com/api/content/filters/ 13 KB
2 KB 227ms
227ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/content/filters/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9438b0d707b264b408237bc9c96680633173329274ad364133e53c2b6b7956da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 1878
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BC12244F4649E3926EED391985E826443DB13A9C665F1E5B57E7A87BC00
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin, Cookie, Accept-Encoding
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f35b581ca973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

GET
H2 200 / Show response
portal.offsec.com/api/content/10/ 5 KB
1 KB 240ms
239ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/content/10/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fd3596a2b2fd350fa4f82e42dc36d62a51f5d4b79e69c1d74c64a6eb9bcfcb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 772
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2B0FBC36346282CE557943048D8DC7C2AC9A5E1EC39E91710B48B7903200
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin, Cookie, Accept-Encoding
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f35cf917a973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

GET
H2 200 / Show response
portal.offsec.com/api/content/23/ 9 KB
976 B 236ms
236ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/content/23/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b5829845b11785aef967daad4197a6a64906931a442cd9dba1d2687681eba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 864
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2B7719BC064C577223546E715253775E3292DABE1C38882B3313966F6D00
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin, Cookie, Accept-Encoding
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f35cf919a973-SYD
expires: Sat, 18 Nov 2023 20:26:49 GMT

GET
H2 200 / Show response
portal.offsec.com/api/content/32/ 788 B
408 B 657ms
656ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/content/32/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

615418241f141e0c6eb8ee8353edc80e725ada59533e6acff1e6597798e2234d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 250
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2B35314F73E3FFDE43AE2555A0245D50C00FBF95588A7F666EA7E128C600
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin, Cookie, Accept-Encoding
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f35d091ba973-SYD
expires: Sat, 18 Nov 2023 20:26:50 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame EC7D 0
273 B 165ms
159ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 18 Nov 2023 20:26:49 GMT
x-stripe-server-envoy-start-time-us: 1700339209950197
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700339209949902
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EC7D 0
272 B 159ms
156ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 18 Nov 2023 20:26:49 GMT
x-stripe-server-envoy-start-time-us: 1700339209947778
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700339209947122
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EC7D 0
273 B 162ms
160ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 18 Nov 2023 20:26:49 GMT
x-stripe-server-envoy-start-time-us: 1700339209952529
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700339209952329
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EC7D 0
273 B 164ms
163ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 18 Nov 2023 20:26:49 GMT
x-stripe-server-envoy-start-time-us: 1700339209955441
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700339209955073
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame EC7D 0
273 B 164ms
164ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 18 Nov 2023 20:26:49 GMT
x-stripe-server-envoy-start-time-us: 1700339209958265
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700339209957994
access-control-allow-credentials: true
content-length: 0

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=11n1n1l1l5&rnd=1079750104.1700339210&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&dma=0&gtm=45Fe3b81n81K6DJWQRv892450498&auid=121215...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1l1l5&rnd=1079750104.1700339210&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&dma=0&gtm=45Fe3b81n81K6DJWQRv89245049...

42 B
588 B

502ms
101ms

Ping
image/gif

172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1l1l5&rnd=1079750104.1700339210&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&dma=0&gtm=45Fe3b81n81K6DJWQRv892450498&auid=1212153950.1700339210

Protocol

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 20:26:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 20:26:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1l1l5&rnd=1079750104.1700339210&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&dma=0&gtm=45Fe3b81n81K6DJWQRv892450498&auid=1212153950.1700339210
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
portal.offsec.com/omd/gtag/ 285 KB
93 KB 481ms
481ms Script
application/javascript 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.offsec.com/omd/gtag/js?id=G-HG5D8M5XVV&l=dataLayer&cx=c&sign=1471ac0c095206741045d73577ad03f3b0fc6c03c06f5f54633e0792fc062628_20231118
Requested by: Host: portal.offsec.com
URL: https://portal.offsec.com/omd/gtm.js?id=GTM-K6DJWQR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63780c320fc98c92214df23dde5a4b224040164357fab6a1b563c24e06673799

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
cf-ray: 8282f35f4a3da973-SYD
expires: Sat, 18 Nov 2023 20:41:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
74 KB 518ms
112ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-775441284

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/omd/gtm.js?id=GTM-K6DJWQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

07179f150a898e665ce6b76b0c751cb13a717ef19677d4a7a8ca41b9bc8b2a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75464
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 20:26:50 GMT

GET
H2 200 script.js Show response
offsec.com/js/ 3 KB
2 KB 571ms
152ms Script
application/javascript 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://offsec.com/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

21f24fceb2c70b75d4e9ffb7cab6eefb59731f503db0841ab3974821ae827d93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 18 Nov 2023 20:26:50 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
content-encoding: br
cdn-edgestorageid: 925
x-sucuri-cache: HIT
cdn-cachedat: 11/17/2023 12:04:49
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.5
alt-svc: h3=":443"; ma=2592000
x-xss-protection: 1; mode=block
server: nginx
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: max-age=315360000
x-sucuri-id: 11026
permissions-policy: interest-cohort=()
cdn-requestid: 2298ef1484157f8533280159e1e7a66c
cdn-requestcountrycode: US
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 1114ms
265ms XHR
text/plain 34.249.168.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=6099867f5391000011000396&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=1&nS=0&cS=840&cE=840&dLE=840&dLS=840&fS=840&hS=-1&rE=840&rS=0&reS=842&resS=1059&resE=1059&uEE=-1&uES=-1&dL=1073&dI=1690&dCLES=1690&dCLEE=1690&dC=2005&lES=2005&lEE=2006&s=nt&title=OffSec%20%7C%20Sign%20up&path=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise&ref=&sId=jg4227lc&sST=1700339210&sIS=1&rV=0&v=1.4.1
Requested by: Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.168.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-168-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 18 Nov 2023 20:26:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

OPTIONS
H2 200 identify
user.userguiding.com/sdk/ Frame 0
0 229ms
223ms Preflight
text/plain 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user.userguiding.com/sdk/identify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://portal.offsec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 8282f36278555c0f-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 18 Nov 2023 20:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P22o9IF1OjEHYfwY0kW3p36AnSyKQ4dU1jo1vkAxWS1tNH6%2BQrmOPQat5R3ZdIS8KJemsxiZFhY60NUo8Ini76LcnAeB6yfWWrkOHKQKhWLbxyManFUmUgn0cTvsDJcGQpxrQEkr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains

POST
H2 200 identify Show response
user.userguiding.com/sdk/ 870 B
688 B 436ms
436ms XHR
application/json 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user.userguiding.com/sdk/identify

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54fc257871c040a6afa55115e78514392f9872bc021777aeb6c4123d11caf94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Nov 2023 20:26:51 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuGdY5NDA9WW4OkD1hNzrdP9c5PYabypaA5SZlwEB%2FsGCzW62b1h65AXP5krUds7xemqcQ2Ri6NLgLDhtg%2BU5M%2FiCgpWgP7t5HDf3yTGlXCvIeDZkF3z1vySAd2eMZdfITRNf9P5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8282f363d90d5c0f-SYD

POST
H2 202 event Show response
offsec.com/api/ 2 B
602 B 852ms
545ms XHR
text/plain 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://offsec.com/api/event

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.offsec.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 20:26:51 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cdn-edgestorageid: 925
cdn-cachedat: 11/18/2023 20:26:51
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-xss-protection: 1; mode=block
x-request-id: F5jRgQRpfGTyrdAdQbkM
server: nginx
cdn-proxyver: 1.04
cdn-requestpullcode: 202
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
x-sucuri-id: 11026
permissions-policy: interest-cohort=()
cdn-requestid: be1cebfd0782042c9e4d066d4018d172
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775441284/ 3 KB
2 KB 112ms
111ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775441284/?random=1700339210820&cv=11&fst=1700339210820&bg=ffffff&guid=ON&async=1&gtm=45be3b81v871160621&gcd=11n1n1l1l5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&hn=www.googleadservices.com&frm=0&tiba=OffSec%20%7C%20Sign%20up&did=dMWZhNz&gdid=dMWZhNz&us_privacy=1---&auid=1212153950.1700339210&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-775441284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4b3a537005e17e79f1ef2946690b4e8d1ec9525318cf058522eb6a189b443175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1448
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/775441284/ 42 B
108 B 107ms
104ms Image
image/gif 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775441284/?random=1700339210820&cv=11&fst=1700337600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v871160621&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&frm=0&tiba=OffSec%20%7C%20Sign%20up&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNkqDZj6gY887OF2NnmO-CgBklqePtq3yJhDD1mlgTvHWz6_o2&random=2363172132&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 20:26:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/775441284/ 42 B
455 B 509ms
103ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/775441284/?random=1700339210820&cv=11&fst=1700337600000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v871160621&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&frm=0&tiba=OffSec%20%7C%20Sign%20up&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNkqDZj6gY887OF2NnmO-CgBklqePtq3yJhDD1mlgTvHWz6_o2&random=2363172132&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 20:26:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 401 me Show response
portal.offsec.com/api/ 0
139 B 640ms
640ms XHR
text/plain 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/me

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:51 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 0
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BEB15BA02BD1B4AF10E66205B15BFA0886FB53CF7A6CC127658A5AF4900
allow: POST, OPTIONS
vary: Authorization, Origin, Cookie
access-control-allow-origin: https://portal.offsec.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
x-frame-options: DENY
cf-ray: 8282f365ad9fa973-SYD
expires: Sat, 18 Nov 2023 20:26:51 GMT

POST
H2 200 event Show response
user.userguiding.com/sdk/ 696 B
747 B 251ms
248ms XHR
application/json 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user.userguiding.com/sdk/event

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c29f4a1f7767b39aea5456355c0738d9b766853adbfd7e71ce8719780543a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Nov 2023 20:26:51 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNt0WXWTMLBoHQiJRuMLn4l1YConH2dSUUgyVs3%2F7Tish0EHIs5ohKtFAQR09ngpE4CYV%2FS2eO4kufnmdHhoAym396T21G%2B9D6t31%2BKEPBrU8C3LdKoNj5NhcZn%2BR2uv50VTDQlW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8282f368ab7d5c0f-SYD

OPTIONS
H2 200 event
user.userguiding.com/sdk/ Frame 0
0 225ms
225ms Preflight
text/plain 172.67.70.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user.userguiding.com/sdk/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://portal.offsec.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 8282f3673ab85c0f-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 18 Nov 2023 20:26:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOT7I8bBWe3Y17mssHjPOLac6Z3m4PTw0pnL%2B59J5HXeZAg5GxcTp2PnOAHxCQtwv%2BdlIqhTTliXPbaNtB9AiuXjOk94jC9ODvGOk4Ld1R1QY1nxwAG9opOiMofbPutgKaaHVZTa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains

GET
H2 200 collect Show response
portal.offsec.com/omd/g/ 738 B
898 B 635ms
634ms XHR
text/plain 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/omd/g/collect?v=2&tid=G-HG5D8M5XVV&gtm=45he3b81v9123013812z8892450498&_p=1700339209023&gcs=G111&gcd=11n1n1l1l5&dma=0&gdid=dMWZhNz&cid=2018846898.1700339212&ul=en-us&sr=1600x1200&_fplc=0&ur=AU&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&sst.rnd=1079750104.1700339210&sst.gse=1&sst.etld=google.com.au&sst.gcd=11n1n1l1l5&sst.us_privacy=1---&sst.tft=1700339209023&_s=1&sid=1700339211&sct=1&seg=0&dl=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&dt=OffSec%20%7C%20Sign%20up&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6506&richsstsse

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea21974375a1369b63eef57e0363a8761f85b85bb741508de50b5d7c8b363f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain
cache-control: no-cache
cf-ray: 8282f3691f66a973-SYD

GET
H2 200 collect Show response
portal.offsec.com/omd/g/ 505 B
725 B 643ms
643ms XHR
text/plain 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/omd/g/collect?v=2&tid=G-HG5D8M5XVV&gtm=45he3b81v9123013812z8892450498&_p=1700339209023&gcs=G111&gcd=11n1n1l1l5&dma=0&gdid=dMWZhNz&cid=2018846898.1700339212&ul=en-us&sr=1600x1200&_fplc=0&ur=AU&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&sst.rnd=1079750104.1700339210&sst.gse=1&sst.etld=google.com.au&sst.gcd=11n1n1l1l5&sst.us_privacy=1---&sst.tft=1700339209023&_s=2&sid=1700339211&sct=1&seg=0&dl=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&dt=OffSec%20%7C%20Sign%20up&en=page_load_time&epn.loading_time_msec=2005.6&_et=3&tfd=6518&richsstsse

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f95517693df26709993fcfd04ce1ceda96345528654782c5cfc789acbcf87b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain
cache-control: no-cache
cf-ray: 8282f3693f73a973-SYD

GET
H2 200 / Show response
portal.offsec.com/api/playground/labs/ 225 B
281 B 291ms
291ms XHR
application/json 104.22.75.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.offsec.com/api/playground/labs/

Requested by

Host: portal.offsec.com
URL: https://portal.offsec.com/assets/index.34717732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.75.103 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37b44f3d5d1027e1ccbb18841ce7d8adf5140c5d7cd04c38da10eb512979a6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://portal.offsec.com/sign-up/enterprise?link=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:52 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-trace: 2BBE212D1EF480D6B90652EB00A218E8B322C6389C4A6408868CEE278400
allow: GET, HEAD, OPTIONS
vary: Authorization, Origin, Cookie
content-type: application/json
x-frame-options: DENY
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-ray: 8282f369afada973-SYD
expires: Sat, 18 Nov 2023 20:26:51 GMT

GET collect
portal.offsec.com/omd/g/ 0
0

GET /
portal.offsec.com/api/checkip/ 0
0

GET /
portal.offsec.com/api/content/filters/ 0
0

POST collect
analytics.google.com/g/s/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET ga-audiences
www.google.com.au/ads/ 0
0

POST collect
analytics.google.com/g/s/ 0
0

GET ga-audiences
www.google.com.au/ads/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portal.offsec.com
URL: https://portal.offsec.com/omd/g/collect?v=2&tid=G-HG5D8M5XVV&gtm=45he3b81v9123013812&_p=1700339209023&gcs=G111&gcd=11n1n1l1l5&dma=0&gdid=dMWZhNz&cid=2018846898.1700339212&ul=en-us&sr=1600x1200&_fplc=0&ur=AU&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=AU&sst.rnd=1079750104.1700339210&sst.gse=1&sst.etld=google.com.au&sst.gcd=11n1n1l1l5&sst.us_privacy=1---&sst.tft=1700339209023&sst.sp=1&sst.em_event=1&_s=3&sid=1700339211&sct=1&seg=0&dl=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&dt=OffSec%20%7C%20Sign%20up&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6596&richsstsse

Domain: portal.offsec.com
URL: https://portal.offsec.com/omd/g/collect?v=2&tid=G-HG5D8M5XVV&gtm=45he3b81v9123013812z8892450498&_p=1700339209023&gcs=G111&gcd=11n1n1l1l5&dma=0&gdid=dMWZhNz&cid=2018846898.1700339212&ul=en-us&sr=1600x1200&_fplc=0&ur=AU&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&sst.rnd=1079750104.1700339210&sst.gse=1&sst.etld=google.com.au&sst.gcd=11n1n1l1l5&sst.us_privacy=1---&sst.tft=1700339209023&_s=4&sid=1700339211&sct=1&seg=1&dl=https%3A%2F%2Fportal.offsec.com%2Fsign-up%2Fenterprise%3Flink%3DeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjcyNjY5IiwiaWF0IjoxNzAwMDIxOTU1LCJleHAiOjE3MzE1Nzk1NTUsImlzcyI6ImFjY291bnRzIn0.BeazVuVNTJYX3RGesXRYV9q_M8m_sR7ZJB_q-5cZNuc&dt=OffSec%20%7C%20Sign%20up&en=page_view&_et=76&tfd=6596&richsstsse

Domain: portal.offsec.com
URL: https://portal.offsec.com/api/checkip/

Domain: portal.offsec.com
URL: https://portal.offsec.com/api/content/filters/

Domain: analytics.google.com
URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45h91e3b81v9123013812z8892450498z99127116890&_gsid=HG5D8M5XVVQvPN1IEVkahA9i4ROBflpA

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-HG5D8M5XVV&cid=rPeur5XCE5O%2BqMa%2FCh3Hv4MR8vP0eKbAe7mksh5uFQA%3D.1700339212&gtm=45h91e3b81v9123013812z8892450498z99127116890&aip=1

Domain: www.google.com.au
URL: https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-HG5D8M5XVV&cid=rPeur5XCE5O%2BqMa%2FCh3Hv4MR8vP0eKbAe7mksh5uFQA%3D.1700339212&gtm=45h91e3b81v9123013812z8892450498z99127116890&aip=1&z=1812290884

Domain: analytics.google.com
URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45h91e3b81v9123013812z8892450498z99127116890&_gsid=HG5D8M5XVVJWVUMJplWgQCKlccQMBeBA

Domain: www.google.com.au
URL: https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-HG5D8M5XVV&cid=rPeur5XCE5O%2BqMa%2FCh3Hv4MR8vP0eKbAe7mksh5uFQA%3D.1700339212&gtm=45h91e3b81v9123013812z8892450498z99127116890&aip=1&z=539343632

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portal.offsec.com/	1970-01-20 17:02:11	Name: CookieConsent Value: {stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:1%2Cutc:1700339207153%2Cregion:%27AU%27}
m.stripe.com/	1970-01-21 01:54:59	Name: m Value: 6ba01753-38fb-4d11-8623-9aa139cadf4464d1be
.portal.offsec.com/	1970-01-21 01:04:35	Name: __stripe_mid Value: f159997c-cffd-48b4-8888-0f756a845aa5be095a
.portal.offsec.com/	1970-01-20 16:19:01	Name: __stripe_sid Value: 204b6c0f-6a1b-45b6-a1c1-6e0f6a903d064f5e12
.offsec.com/	1970-01-20 18:28:35	Name: _gcl_au Value: 1.1.1212153950.1700339210
.doubleclick.net/	1970-01-21 01:54:59	Name: IDE Value: AHWqTUknRplXCvSG-Duh-27oUoMercaVhsiP0cHwr-uvF7dNSipkZaCLPGjbWvHz
.offsec.com/	1970-01-21 01:54:59	Name: _ga Value: GA1.1.2018846898.1700339212
.offsec.com/	1970-01-21 01:54:59	Name: _ga_HG5D8M5XVV Value: GS1.1.1700339211.1.1.1700339211.0.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://portal.offsec.com/api/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://portal.offsec.com/api/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://portal.offsec.com/api/me Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
o4505643676336128.ingest.sentry.io
offsec.com
portal.offsec.com
q.stripe.com
r.stripe.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
static.userguiding.com
stats.g.doubleclick.net
user.userguiding.com
www.google.com
www.google.com.au
www.googletagmanager.com
analytics.google.com
portal.offsec.com
stats.g.doubleclick.net
www.google.com.au
104.22.54.104
104.22.75.103
142.250.204.3
142.251.221.67
151.101.64.176
172.217.167.100
172.217.167.66
172.217.24.40
172.217.24.42
172.67.70.147
18.67.111.112
192.124.249.6
23.32.5.175
23.38.128.171
34.120.195.249
34.213.255.230
34.249.168.150
54.186.23.98
05212b78ded8432e79e8a7e9457c5959fc5b0e6c5f4b9dd981f67fee6b6ccbfa
07179f150a898e665ce6b76b0c751cb13a717ef19677d4a7a8ca41b9bc8b2a67
07c29f4a1f7767b39aea5456355c0738d9b766853adbfd7e71ce8719780543a0
0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4
1340d26ae607a2e5c49bb9dc1e6bf2e84e18464e1d84cf2b409f7efafd0d68c5
21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050
21f24fceb2c70b75d4e9ffb7cab6eefb59731f503db0841ab3974821ae827d93
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
37b44f3d5d1027e1ccbb18841ce7d8adf5140c5d7cd04c38da10eb512979a6fd
429b7213e827efdb27bf7a7f00f09ea2de406bc8df3665818f76612dc86dd0b5
43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47a8a3cac11d58041b7c0874be17d4c7f9a71fe87ec09e8dc3dbf047438346d5
4b3a537005e17e79f1ef2946690b4e8d1ec9525318cf058522eb6a189b443175
54fc257871c040a6afa55115e78514392f9872bc021777aeb6c4123d11caf94d
5c84d99c8c6cfedf7b56abeb383fbfb86cffcb3a9a385e8444c620634e26caec
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
615418241f141e0c6eb8ee8353edc80e725ada59533e6acff1e6597798e2234d
63780c320fc98c92214df23dde5a4b224040164357fab6a1b563c24e06673799
688bc559b0281cf409122a6ba79dd31ccf7491fbd4075a89c409b376f4417223
6ed41f5d77e880cdce9834420568f928b1d4f70acf123b2dca142583c46f5901
6fd3596a2b2fd350fa4f82e42dc36d62a51f5d4b79e69c1d74c64a6eb9bcfcb6
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
865ab4a87f33a53ccca83280b1579c59c37e0913aa51a5ae543dd193e38fc55d
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8cba5c259f466f8a2addf53f7ee0265478cce850375df9a2f22788b9fa5082f4
8f95517693df26709993fcfd04ce1ceda96345528654782c5cfc789acbcf87b0
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
9438b0d707b264b408237bc9c96680633173329274ad364133e53c2b6b7956da
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9f3241db2b5d82f18f9282662790d3ba8b7e8f03a929469c51f08578ebb6f40e
a0b5829845b11785aef967daad4197a6a64906931a442cd9dba1d2687681eba4
a553ef554e758b15cad5048e37c735d0afde8a36f33428c0d8523b1bb08a886e
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
db7e32b2b976870a44be32f5eeef26e6a5bbeb62ec74fd3f5fd385e696da6220
dd6fe8db57354f168502f5f7cabbce3f3034ffcb912c90940c8ab6e1becc01d2
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea21974375a1369b63eef57e0363a8761f85b85bb741508de50b5d7c8b363f38
ea352f086a7b94da48e76f5b9c544e3364e5a7c997fd7c42f8c8eea7a80cd60f
eb9ee66808c3c7380ee43c8ae84107dd6aa167ce448e7411ad86bf61ec4a988f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f4fc621d6f2af125c4d226ddba692ae347e1b052f9c5f4999ba4f23c6e95ecff

portal.offsec.com Open in urlscan Pro 104.22.75.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

86 %HTTPS

0 %IPv6

13 Domains

22 Subdomains

19 IPs

4 Countries

6019 kBTransfer

21241 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portal.offsec.com Open in urlscan Pro
104.22.75.103 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

86 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

19
IPs

4
Countries

6019 kB
Transfer

21241 kB
Size

8
Cookies

76 HTTP transactions
0 data transactions