www.ired.team Open in urlscan Pro
2606:4700::6812:91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Submission: On February 26 via api (February 26th 2022, 7:26:00 pm UTC) from BE — Scanned from DE

Summary HTTP 69 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 69 HTTP transactions. The main IP is 2606:4700::6812:91, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ired.team.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2021. Valid for: a year.

This is the only time www.ired.team was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700::68... 2606:4700::6812:91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	2606:4700::68... 2606:4700::6812:86f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.105 143.204.98.105	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
2	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
69	10

14 2606:4700::6812:91 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ired.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2603957456-files.gitbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700::6812:86f (United States)

ASN13335 (CLOUDFLARENET, US)

app.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-105.fra50.r.cloudfront.net

cdn.iframe.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1000929.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

attack.mitre.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	gitbook.com app.gitbook.com — Cisco Umbrella Rank: 84977 www.gitbook.com — Cisco Umbrella Rank: 122258	2 MB
12	gitbook.io 2603957456-files.gitbook.io	442 KB
3	googleapis.com firestore.googleapis.com — Cisco Umbrella Rank: 2018	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	sentry.io o1000929.ingest.sentry.io — Cisco Umbrella Rank: 104477	389 B
2	ired.team www.ired.team	426 KB
1	mitre.org attack.mitre.org — Cisco Umbrella Rank: 283338	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 1921	706 B
1	iframe.ly cdn.iframe.ly — Cisco Umbrella Rank: 26765	7 KB
69	10

	Domain	Requested by
37	app.gitbook.com	www.ired.team app.gitbook.com
12	2603957456-files.gitbook.io	www.ired.team app.gitbook.com
7	www.gitbook.com	www.ired.team app.gitbook.com
3	firestore.googleapis.com	app.gitbook.com
2	www.google-analytics.com	www.googletagmanager.com app.gitbook.com
2	o1000929.ingest.sentry.io	app.gitbook.com
2	www.ired.team	www.ired.team
1	attack.mitre.org
1	www.googletagmanager.com	app.gitbook.com
1	cdn.polyfill.io	www.ired.team
1	cdn.iframe.ly	www.ired.team
69	11

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
github.com
twitter.com
www.patreon.com
www.gitbook.com
policies.gitbook.com

Subject Issuer	Validity	Valid
www.ired.team Cloudflare Inc ECC CA-3	`2021-10-27` - `2022-10-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.iframe.ly Amazon	`2021-12-02` - `2022-12-30`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.ingest.sentry.io R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
attack.mitre.org R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Frame ID: 0E1A1C0720635313EE08546CFFBE0264
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Installing Root Certificate - Red Teaming Experiments

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

69
Requests

100 %
HTTPS

78 %
IPv6

10
Domains

11
Subdomains

10
IPs

2
Countries

3189 kB
Transfer

14398 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/in/mantvydasb/
Title: linkedin

Search URL Search Domain Scan URL

URL: https://github.com/mantvydasb/RedTeam-Tactics-and-Techniques
Title: github

Search URL Search Domain Scan URL

URL: https://twitter.com/spotheplanet
Title: @spotheplanet

Search URL Search Domain Scan URL

URL: https://www.patreon.com/iredteam
Title: patreon

Search URL Search Domain Scan URL

URL: https://www.gitbook.com/?utm_source=content&utm_medium=trademark&utm_campaign=-LFEMnER3fywgFHoroYn
Title: Powered By GitBook

Search URL Search Domain Scan URL

URL: https://policies.gitbook.com/privacy/cookies
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request t1130-install-root-certificate Show response
www.ired.team/offensive-security/persistence/ 2 MB
425 KB 1801ms
1744ms Document
text/html 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

44690fc0a6b8096b18e51469b19e5502a1236443b0ccb1f54b0b712abed16e94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com ; form-action api-iam.intercom.io intercom.help; media-src .intercomcdn.com; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 26 Feb 2022 19:25:54 GMT
content-type: text/html; charset=utf-8
cf-ray: 6e3b8fd4bd636945-FRA
cache-control: public, max-age=86400, s-maxage=86400, stale-while-revalidate=3600, stale-if-error=43200
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: MISS
content-security-policy: frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com *; form-action api-iam.intercom.io intercom.help; media-src *.intercomcdn.com; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
function-execution-id: 67cyz482to6y
referrer-policy: no-referrer-when-downgrade
x-cloud-trace-context: 3e0de68d57bc6fc7b4c467f119cb1b56
x-content-type-options: nosniff
x-powered-by: GitBook
server: cloudflare
content-encoding: gzip

GET
H2 200 Roboto-Bold.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
62 KB 613ms
552ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-Bold.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 102576
x-guploader-uploadid: ADPycduXrl58Vfne617YRmF0Cc0UyUELHVGYonD98bDFRu5lqB7X3Fzze59VVOA4D61ZrK3a8Jwz_5Fi29kwdI5AsSs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 63512
cf-ray: 6e3b8fe029740f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "9912eb289b9a8018ffe746b38a1f4138"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=B6lSQw==, md5=mRLrKJuagBj/50azih9BOA==
x-goog-generation: 1633848364340633
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63512
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 04 Mar 2022 13:57:40 GMT

GET
H2 200 Roboto-BoldItalic.woff2
app.gitbook.com/public/fonts/Roboto/ 67 KB
67 KB 609ms
548ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-BoldItalic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe67ac80a18e468ba4e9fc2138ddf670e168fb92b38ed1e71da54eecd420d9d

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 366452
x-guploader-uploadid: ADPycdvZpeavfnAcAlVqlehwRbxQzhURaicfIin5l8eb-B6sK4FFgbeqMHYmCz9dOIgmSvm64_baoHIkW7ujXpSCDMY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 68744
cf-ray: 6e3b8fe029760f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "1273f039c2c87185606d174ef2fb8bda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=sDfENg==, md5=EnPwOcLIcYVgbRdO8vuL2g==
x-goog-generation: 1633848364530844
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 68744
accept-ranges: bytes
content-type: font/woff2
expires: Tue, 01 Mar 2022 13:09:14 GMT

GET
H2 200 Roboto-Black.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
63 KB 511ms
451ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-Black.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc85ca1807422f0603716b43ec3f6544ae0a2f395bee02ad3eeb000c2a2aaf86

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 72107
x-guploader-uploadid: ADPycduD_Ga2JMD82x0PYo0aZyShvRjdG2E3u4IwpTqEq-xqf_dkLImvLQkahxHV-_FgljeEVhAWvZM6jCut1HM2jIk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 63632
cf-ray: 6e3b8fe029770f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "cf9856e6d82dec865920233cfb0e6434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=78g/3g==, md5=z5hW5tgt7IZZICM8+w5kNA==
x-goog-generation: 1633848364343364
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63632
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 04 Mar 2022 23:16:36 GMT

GET
H2 200 Roboto-BlackItalic.woff2
app.gitbook.com/public/fonts/Roboto/ 69 KB
69 KB 613ms
553ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-BlackItalic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73971d2e544090ece7946c253f97ad012433034112729f30460561f1b3f3baa4

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 19141
x-guploader-uploadid: ADPycdvD6Ca3jH_G5Vr3Te3JTvWqp2pIilTW-MYExA39R8QHckPe6pGIg_gruZhevDPNgGzLEPnwXNlJFIqchfRXOks
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 70548
cf-ray: 6e3b8fe039b40f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "0c0fe6e65641e22692eb54ccb1334e48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KPvcng==, md5=DA/m5lZB4iaS61TMsTNOSA==
x-goog-generation: 1633848364395213
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 70548
accept-ranges: bytes
content-type: font/woff2
expires: Sat, 05 Mar 2022 13:55:11 GMT

GET
H2 200 Roboto-Medium.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
63 KB 592ms
532ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-Medium.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474219c4838734328bacdf2229ee7aa9b960e1e22b36aa0b2440dee68b7ded93

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 253125
x-guploader-uploadid: ADPycdsRa50JUhwnwT8XfQRUEmRrOFTVsENoFtTDHZwPI46CrNIIey0VmTiFRI6OsWA9EalkzLODqm_BcbZowHTmiPE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 63888
cf-ray: 6e3b8fe0297b0f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:03 GMT
server: cloudflare
etag: "1c1881cb681b2e87bdd7302d9cc04bea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=zcpdEQ==, md5=HBiBy2gbLoe91zAtnMBL6g==
x-goog-generation: 1633848363751495
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63888
accept-ranges: bytes
content-type: font/woff2
expires: Wed, 02 Mar 2022 20:34:38 GMT

GET
H2 200 Roboto-MediumItalic.woff2
app.gitbook.com/public/fonts/Roboto/ 68 KB
68 KB 614ms
554ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-MediumItalic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1588e257d5d5d137bdf245d5d1e6e9e89a7393e411feab9fcb28eba9fa615779

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 102577
x-guploader-uploadid: ADPycdvMtoxLK79Fq74tZQ6XkUbtDTox50ACdEC6LF3F7Tkg8JJA8t4sCbfNcuEOGk3KJcAhTLOWkKU16Rm4aQFB89Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 69624
cf-ray: 6e3b8fe0297c0f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "8b4e1b9f7674c838783683866a8d62d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=cKMv6g==, md5=i04bn3Z0yDh4NoOGao1i1Q==
x-goog-generation: 1633848364394105
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 69624
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 04 Mar 2022 14:48:28 GMT

GET
H2 200 Roboto-Regular.woff2
app.gitbook.com/public/fonts/Roboto/ 62 KB
62 KB 613ms
554ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-Regular.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 72107
x-guploader-uploadid: ADPycdsAs5ul2KahNvRt_Ea5H2leAenuaGVyyFFvrFV2LEsps3bAwWwWsN60i1f6NlsJI7u8pugm21_AUaUlE8ua1CA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 63024
cf-ray: 6e3b8fe039b60f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "679aa1b8c499041bf78378f4a5b04162"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=L2wjbg==, md5=Z5qhuMSZBBv3g3j0pbBBYg==
x-goog-generation: 1633848364360754
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 63024
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 04 Mar 2022 22:30:40 GMT

GET
H2 200 Roboto-Italic.woff2
app.gitbook.com/public/fonts/Roboto/ 67 KB
67 KB 610ms
551ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/Roboto/Roboto-Italic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8789224140397e0644f8d3daf8aaa2733d8a357be81b239188de34b81b3cb11c

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 192454
x-guploader-uploadid: ADPycdtIwc6Ldm6thmoMccfdlr8lgutYYGX9LQRj70I6WpUnXxbY1fCHGWKuLxdCKIrYUMZ7onoowAvXDcJvSoOBow9nRKuGkQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 68608
cf-ray: 6e3b8fe029790f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:03 GMT
server: cloudflare
etag: "390716e2322cc51a6d75368c6c6ab64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=VFjRMg==, md5=OQcW4jIsxRptdTaMbGq2Sw==
x-goog-generation: 1633848363952371
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 68608
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 03 Mar 2022 13:19:21 GMT

GET
H2 200 SourceCodePro-Bold.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 57 KB
58 KB 612ms
553ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Bold.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391798381365eae6431d5301789e74ae40318b5a909f6732710c938f709dd15b

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 523682
x-guploader-uploadid: ADPycdsYSqaKiEdQGp2z76cCuumxVnc6V4LVzndAV_3KVgPSL3JQ7T3YpHq0BgKtniraGxqqnB8KYJYTpMTwUtRUS_mi4lVqQQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 58824
cf-ray: 6e3b8fe039ae0f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "12902856238918991bbae82214419e26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=dA5QBw==, md5=EpAoViOJGJkbuugiFEGeJg==
x-goog-generation: 1633848364495126
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 58824
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 27 Feb 2022 17:41:41 GMT

GET
H2 200 SourceCodePro-BoldItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 49 KB
49 KB 610ms
551ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-BoldItalic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e9516397b60a1f72e680cd614eeae501cc05e8336b41677f6ddcf7ca91ce87b

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 192453
x-guploader-uploadid: ADPycdtZbH0mCfRokhE3c9xx_WTf7-9qA-MrOIvhtJNnHWOh1ngvNl9XwVl9qLNR0bDXjmkhKsHnVOzQ04NeIxJX6luzkVYZng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 50140
cf-ray: 6e3b8fe039b00f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "b724e89b25def664af59a37f9535969d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=MbhT/w==, md5=tyTomyXe9mSvWaN/lTWWnQ==
x-goog-generation: 1633848364404691
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 50140
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 03 Mar 2022 13:30:57 GMT

GET
H2 200 SourceCodePro-Black.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 56 KB
57 KB 613ms
554ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Black.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b06c0121019e577fbeb61926a76ab064ebf04641e17b3f3cdd31c5bfada827

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 102575
x-guploader-uploadid: ADPycdvXn1qBWXpLt9ElNhjR-mFhAEc02eQyr9XtuP7h2XWKygfnRXUGUFb14htAGer33hygf2QEiBBsJHkiQvCQsBE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 57780
cf-ray: 6e3b8fe039ab0f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "f71e658e6aefc8d67ec9143ba16738f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4jkfgA==, md5=9x5ljmrvyNZ+yRQ7oWc49A==
x-goog-generation: 1633848364372673
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 57780
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 04 Mar 2022 14:48:51 GMT

GET
H2 200 SourceCodePro-BlackItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 48 KB
48 KB 612ms
553ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-BlackItalic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91edc14c712c0f1f64767c76dc267782a71d64eef6a3fa0b78e3550b67031f7f

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 163565
x-guploader-uploadid: ADPycdsbE87dvpHbqyo2NL_zJ6hQpEZYQU5cWFMWGE70eXCwzXVB32gYkFBpmSQ6-KSssRJeJKh25_r_21FigsgYrHHvbN3w6Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 48884
cf-ray: 6e3b8fe039aa0f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "c1594c3fd48f0a69854330d1e5aecfd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KGJVVw==, md5=wVlMP9SPCmmFQzDR5a7P1g==
x-goog-generation: 1633848364884390
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 48884
accept-ranges: bytes
content-type: font/woff2
expires: Thu, 03 Mar 2022 21:42:11 GMT

GET
H2 200 SourceCodePro-Medium.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 57 KB
58 KB 613ms
554ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Medium.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4527b523271b31ea23e2241eaa32be773ae97e2100a4cde9c4ea807f5bdf345e

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 523682
x-guploader-uploadid: ADPycdswHvu7aWnzNb39xgxL-NK1Ddy_DqK8XRYKSs-dFNxkRLPUAFxBQmNXHV-8dowe_1hZKewhW8lzIwAgT4aiQLs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 58744
cf-ray: 6e3b8fe029780f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "fcd510e6482c7a55ba5b195381dcbf88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=P0k/Fw==, md5=/NUQ5kgselW6WxlTgdy/iA==
x-goog-generation: 1633848364398993
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 58744
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 27 Feb 2022 17:05:48 GMT

GET
H2 200 SourceCodePro-MediumItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 49 KB
49 KB 611ms
552ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-MediumItalic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142dda220b464de17ccaa3949b42543c6488ede54423361364bffb67ec054a2b

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 523683
x-guploader-uploadid: ADPycdveFbXyDL1bVBC8smWIc-bU5iyFWkk0yPTFSrRvddqi5mCKK3vWmXn9cNzzIUqaIdr54O-p5s90w6dgSRhMcfUVy1fEfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 49784
cf-ray: 6e3b8fe0297e0f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "a399a11f4e1eb5cc906b096a1436f8da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RDS2oA==, md5=o5mhH04etcyQawlqFDb42g==
x-goog-generation: 1633848364578571
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 49784
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 27 Feb 2022 17:50:45 GMT

GET
H2 200 SourceCodePro-Regular.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 58 KB
58 KB 609ms
550ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Regular.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc43de0b7192ea8d141166fd138508b806a7742a19d60d376717d299249a721

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 523683
x-guploader-uploadid: ADPycds9vFRzf8vo9I5zQU5mijZ9-aK3ic29xhCgpVY2YSZOyfsdvbPWqRS-gFzCgBBRVWSV6WKVuamaRDGpr6etLyE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 59120
cf-ray: 6e3b8fe039a70f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "7e7018fa71b6021605537b9f824e67fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=YqfMwg==, md5=fnAY+nG2AhYFU3ufgk5n/A==
x-goog-generation: 1633848364862643
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 59120
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 27 Feb 2022 17:38:44 GMT

GET
H2 200 SourceCodePro-Italic.woff2
app.gitbook.com/public/fonts/SourceCodePro/ 49 KB
49 KB 610ms
551ms Font
font/woff2 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Italic.woff2?v=3.19
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be2edcbae84d5edd53e879a9a8d6c58a8eea966820ac287c0275a9698495518

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
cf-cache-status: HIT
age: 19141
x-guploader-uploadid: ADPycdtjW7pDn-cbET_RiBKXZecC57NgVvfFUEOFtyxSlAaGymfOQVPb0XlnuRSYa6LwpisVVygGwtT3N1bqDHc5c8g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 50016
cf-ray: 6e3b8fe039b20f5e-MXP
last-modified: Sun, 10 Oct 2021 06:46:04 GMT
server: cloudflare
etag: "f29e4a78544ca47f78bb54ce303347c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=yEyPlQ==, md5=8p5KeFRMpH94u1TOMDNHyA==
x-goog-generation: 1633848364300385
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, must-revalidate
x-goog-stored-content-length: 50016
accept-ranges: bytes
content-type: font/woff2
expires: Sat, 05 Mar 2022 14:03:51 GMT

GET
H2 200 csharp.lazy-CSD2UH3U.min.js Show response
app.gitbook.com/public/app/chunks/ 7 KB
3 KB 608ms
549ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/csharp.lazy-CSD2UH3U.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24189d8a1f5ac6beed5f9c19f384a917186c2f2a546b6cc5f4578a9c8a6b492

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3012118
x-guploader-uploadid: ADPycdttZb6d-12x12MBtMYqEYoH2XWx_-fBBL2MaHgeDpEiRQywmaKnoyaG3-7blF2WH84Z_FuFiI89MzCH7AWLPQ4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Sun, 14 Nov 2021 15:22:06 GMT
server: cloudflare
etag: W/"27fb4ec34a7eec4b025fc52cd3303c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=D+xXtw==, md5=J/tOw0p+7EsCX8Us0zA8mQ==
x-goog-generation: 1636903326361942
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 6707
cf-ray: 6e3b8fe039ba0f5e-MXP
expires: Sun, 22 Jan 2023 22:43:56 GMT

GET
H2 200 public-3G6MP5UE.min.js Show response
app.gitbook.com/public/app/ 7 KB
3 KB 608ms
550ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4356f3284da6af176f927265deaf80895731cebd204690fe24be57e522e5a67e

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 100478
x-guploader-uploadid: ADPycdsP1bEZZRKZS9SEEgLmKwEiPj6oi9usai9jX8CzPnV1CuBEHxXsOrS8kDkGsmhBMIqysmqDbBb9BMyRP2ZvQgY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 25 Feb 2022 15:00:32 GMT
server: cloudflare
etag: W/"20cb99c7ded03b7dbab7132109fbb0bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=AeYIsA==, md5=IMuZx97QO326txMhCfuwvQ==
x-goog-generation: 1645801232489992
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 7594
cf-ray: 6e3b8fe039bb0f5e-MXP
expires: Sat, 25 Feb 2023 15:07:32 GMT

GET
H2 200 embed.js Show response
cdn.iframe.ly/ 22 KB
7 KB 51ms
8ms Script
application/javascript 143.204.98.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iframe.ly/embed.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-105.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: b836803e97f161fdf9ff088ff46b8b4b9211ef8a1759ee1b223923a2852c6ec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 04:50:09 GMT
content-encoding: br
last-modified: Mon, 31 Jan 2022 15:34:30 GMT
server: nginx
age: 52550
etag: W/"61f80186-571d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TTjL7G6G0oUvSzc0FCqsOuo1aLhBjlIRpUgJJJLzvRV13SeOD0TAVg==
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 415 B
706 B 61ms
19ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=Intl.~locale.en

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e5040037b99f33713b533de1799d81b07b984140ec146f1a1d0fecee19fa3482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 183686
detected-user-agent: Chrome/98.0.4758
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 219
referrer-policy: origin-when-cross-origin
last-modified: Thu, 24 Feb 2022 16:08:10 GMT
date: Sat, 26 Feb 2022 19:25:54 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/98.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/ 1 KB
1 KB 134ms
77ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d624a9b45f2860bc9d67e56699a384e87ce9b441c8a30401787b702e734e2dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 1073
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfxEAstVGsILZwEUMa_yTuFg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/m q=0 n=849 c=88 v=2022.1.0 l=1073
accept-ranges: bytes
cf-ray: 6e3b8fe02b09839d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/ 821 B
1 KB 124ms
67ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 821
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfORVgR5FT-ORC-PW8Ddvsrg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/h q=0 n=971 c=100 v=2022.1.0 l=821
accept-ranges: bytes
cf-ray: 6e3b8fe02b10839d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 28 KB
29 KB 1135ms
1078ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png?alt=media&token=6c098d3c-c3f0-49f1-a284-248db726315d

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2dfb402162bc924ade07c769a1be4113d060ee88cee93c24461f7955c91f0880

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsnJF2bASV7lW1J22cv12h01N1o46VIr8r1tLdH47RF_eC7KY6i7LICWns2-JOULgVfMFVLiu7gre9pifrf30U
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-certutil.png
vary: Accept-Encoding
content-length: 28361
cf-ray: 6e3b8fe02f375995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "ede6f30ab17b1418bc246bf79812c033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=rWEOrg==, md5=7ebzCrF7FBi8JGv3mBLAMw==
x-goog-generation: 1534357963989464
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 28361
x-goog-meta-firebasestoragedownloadtokens: 6c098d3c-c3f0-49f1-a284-248db726315d
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 58 KB
58 KB 1333ms
1277ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png?alt=media&token=6f6451bb-08c7-42fe-8bfd-d396a77e8a92

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

3b008c2a94a6ee7026de0479a26fe3ea5037c015b6a08a8836c37856608e22fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdssvk3YtnphyPRGosK3uiT_wA6DYfi01IxwDfhaci-aVRR_hkq6ThIYDXWGtOlwUb02_LYkMXzNiTXaAQACSEE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-installed.png
vary: Accept-Encoding
content-length: 58931
cf-ray: 6e3b8fe02f3b5995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "e025cbff234cce35e37bc941c878c34d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=uJfeJg==, md5=4CXL/yNMzjXje8lByHjDTQ==
x-goog-generation: 1534357963999170
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 58931
x-goog-meta-firebasestoragedownloadtokens: 6f6451bb-08c7-42fe-8bfd-d396a77e8a92
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 26 KB
27 KB 1152ms
1096ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png?alt=media&token=977a73c0-9160-4753-88d1-6e22cd426b89

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

4e1455cf00349ef0a37105335e7e3e7aa130e07d14896ee47e652657cc3c858a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdtcpISDsmCQaNkFQlxASmh8Ifiqw-Weegvh3TVa99vbXjjyDX-4JpZK_Ww0pGhqfObF_5cQ9o-YQ8uh8UqnSPE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-add-with-ps.png
vary: Accept-Encoding
content-length: 26973
cf-ray: 6e3b8fe02f3c5995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:44 GMT
server: cloudflare
etag: "af4444ea0439b95e57ccb098de0028c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=bhFHfA==, md5=r0RE6gQ5uV5XzLCY3gAoyQ==
x-goog-generation: 1534357964007543
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 26973
x-goog-meta-firebasestoragedownloadtokens: 977a73c0-9160-4753-88d1-6e22cd426b89
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 16 KB
17 KB 1189ms
1133ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png?alt=media&token=f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

ed47c278bf3d7b130073a011f6cad4619cbd0f81e390b78b36f53c9bf9a54cbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvGm51PxiAmTxEqI-OubycGpyabie3q2GMgzwX0ZS03owZHQR7jbHGY1hWhe_q9x6X4Je-cyOls_-eFKnevAHI
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-ps-logging.png
vary: Accept-Encoding
content-length: 16682
cf-ray: 6e3b8fe02f405995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "b2e73e268d905569f4a697fe6ed5ad75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=W79svA==, md5=suc+Jo2QVWn0ppf+btWtdQ==
x-goog-generation: 1534357963948157
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 16682
x-goog-meta-firebasestoragedownloadtokens: f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 51 KB
51 KB 1136ms
1080ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png?alt=media&token=adeef754-0099-4b94-bb12-d96ec058d34f

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2791874f2ac5a208d84ffb261c0adcf62b4790606433638c5489f1e95335d1d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvXIk_g5yQutMKC_fbH4kTr6qi6M2xCzfCiniR_DTnV22bKTPGeON_In6cjOtBtLlBZL8SIcPgw4qFN4v_Pq44
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-logs.png
vary: Accept-Encoding
content-length: 52258
cf-ray: 6e3b8fe02f425995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "e0d5a37e5fb59d35ef29fb45a624868e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=AxqoLA==, md5=4NWjfl+1nTXvKftFpiSGjg==
x-goog-generation: 1534357963817758
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 52258
x-goog-meta-firebasestoragedownloadtokens: adeef754-0099-4b94-bb12-d96ec058d34f
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 39 KB
40 KB 1231ms
1175ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png?alt=media&token=31ca5d98-42de-4bef-9a9b-03c8c55d7d06

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

af22694103076abf2a8dc1e4e5cfb9461a36c469b558a9feb08ce70c1b12c71b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: GitBook
x-guploader-uploadid: ADPycduKLlhIKBDUTagQbKW_1Pq8SRkasWYcfyL_XbpBKxxWjeh7OjGxxsKVwfwcJFzKQRcqAb8NmNP-e6Oqaqm-uRk
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-registry.png
vary: Accept-Encoding
content-length: 40274
cf-ray: 6e3b8fe02f415995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 19:31:02 GMT
server: cloudflare
etag: "fe275e02f6d0fb5b10a9d4c6beb3d9ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=bPzO1Q==, md5=/ideAvbQ+1sQqdTGvrPZrQ==
x-goog-generation: 1534361462659850
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 40274
x-goog-meta-firebasestoragedownloadtokens: 31ca5d98-42de-4bef-9a9b-03c8c55d7d06
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 email-decode.min.js Show response
www.ired.team/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
825 B 12ms
12ms Script
application/javascript 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ired.team/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 21:08:07 GMT
server: cloudflare
etag: W/"6216a237-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6e3b8fdfcf986945-FRA
vary: Accept-Encoding
expires: Mon, 28 Feb 2022 19:25:54 GMT

GET
H2 200 chunk-FOJLXU5K.min.js Show response
app.gitbook.com/public/app/chunks/ 163 KB
45 KB 175ms
175ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-FOJLXU5K.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f606ce7bf48055851b9f4961bd8f3bd84735f66fff005d3d1e5d945aebac5c

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72108
x-guploader-uploadid: ADPycds17t7ty4XS73Gwhzr7cjEsaFFvzMQp9jo2cTfVXVg0ueqTI-Y37e6PYZ1pc-8y4ie7MMH-8a4qAnPWN0FlBGc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 25 Feb 2022 15:00:32 GMT
server: cloudflare
etag: W/"e948cf41a819aaebaa724074d0b66a8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=M446IA==, md5=6UjPQagZquuqckB00LZqiw==
x-goog-generation: 1645801232395617
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 166421
cf-ray: 6e3b8fe40a920f5e-MXP
expires: Sat, 25 Feb 2023 23:11:31 GMT

GET
H2 200 chunk-6U2OKBYU.min.js Show response
app.gitbook.com/public/app/chunks/ 456 B
497 B 384ms
383ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-6U2OKBYU.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bcc2d1d093284cefbe72506e1d81aac094df22c9a4bdc88ce59f202fd619f03

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 100477
x-guploader-uploadid: ADPycdvA2x4dxIjhs5n15SeH_agcUG_ssQv8dm4jdqhvBdXbBPnDVHEymaMCLuhLs-bgvo2xBVYY4zhC05ac5-t0QO8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 25 Feb 2022 15:00:32 GMT
server: cloudflare
etag: W/"8e8db1db7f58eee8cce6795a8083a93b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=yg9yGQ==, md5=jo2x239Y7ujM5nlagIOpOw==
x-goog-generation: 1645801232314868
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 456
cf-ray: 6e3b8fe40a950f5e-MXP
expires: Sat, 25 Feb 2023 15:07:33 GMT

GET
H2 200 chunk-6STEEV7T.min.js Show response
app.gitbook.com/public/app/chunks/ 358 B
747 B 387ms
386ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-6STEEV7T.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5453e597cfe3555606ad034aa96beac23e002cd8809eb20af1f7b8ee801f5a53

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 72108
x-guploader-uploadid: ADPycduDOHcAyN6kiKRediXaWXg4-TfuWu-RVsvBD22ak_wXv7HKoT3-m7dK6TWE22VGVXoAvCTHmycq0Nd_eoWjTPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 18:00:26 GMT
server: cloudflare
etag: W/"1a65b87b6262dc49dbf8d3cc972e3be2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=a/BE9w==, md5=GmW4e2Ji3Enb+NPMly474g==
x-goog-generation: 1634839226752594
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 358
cf-ray: 6e3b8fe40a980f5e-MXP
expires: Sat, 25 Feb 2023 23:13:00 GMT

GET
H2 200 chunk-BEJ5ECGK.min.js Show response
app.gitbook.com/public/app/chunks/ 3 MB
799 KB 180ms
179ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12bc77bc563cd347825ad019f4d855338275bd772db68d4c5cefa7622cdfe5ee

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 100475
x-guploader-uploadid: ADPycdtK9jk1fsD9bJpxvn95WKGNanRVZ8YFiYqxPFCZLOfeePPNRGSZQUJORTW8gTuwsX72EJtsRKBYuBeDkwVGflc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 25 Feb 2022 15:00:32 GMT
server: cloudflare
etag: W/"eadf14015d3e5dd2c56614b9de221f34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=TCseJg==, md5=6t8UAV0+XdLFZhS53iIfNA==
x-goog-generation: 1645801232540642
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 3107425
cf-ray: 6e3b8fe40aa20f5e-MXP
expires: Sat, 25 Feb 2023 15:07:33 GMT

GET
H2 200 chunk-UOSLBGKT.min.js Show response
app.gitbook.com/public/app/chunks/ 45 KB
15 KB 191ms
190ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-UOSLBGKT.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d0d08cccd0573e2783db076212e4a572a8c8de6510c48a087087d391d19f66

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 813309
x-guploader-uploadid: ADPycdvkHv2n_hhYeL0_IDJnvBka5hgWVLm6s5xV_hkTeQViD6VW8ZU5o0REeHGSvs-jN-AxOahpCEZHk_lbAfv-cuI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 08:22:14 GMT
server: cloudflare
etag: W/"e855cf6c49054139e2608cf9fd78ab59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=8KIkyg==, md5=6FXPbEkFQTniYIz5/XirWQ==
x-goog-generation: 1645086134845374
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 46538
cf-ray: 6e3b8fe40ac10f5e-MXP
expires: Fri, 17 Feb 2023 09:30:29 GMT

GET
H2 200 chunk-N6I6GHFX.min.js Show response
app.gitbook.com/public/app/chunks/ 309 KB
115 KB 178ms
177ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-N6I6GHFX.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd11c4d382e2023830ae2d96fb22972b10ee58e60ee71ce9749b940c2209e26

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 813309
x-guploader-uploadid: ADPycdtiMKdi4ex3boCp5fqe9WA2DT_qipmvNJk4xmMmU22X5YUP9EAa-kNdxlDDMgotRX09ulZDKsAwqNrCXWqWH8Gkc3d4IQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 08:22:14 GMT
server: cloudflare
etag: W/"5afa2b09771e04b9241909aa3ae9b5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=zEYb+A==, md5=WvorCXceBLkkGQmqOum1zA==
x-goog-generation: 1645086134914924
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 316382
cf-ray: 6e3b8fe40acb0f5e-MXP
expires: Fri, 17 Feb 2023 09:30:22 GMT

GET
H2 200 chunk-UJTORIRS.min.js Show response
app.gitbook.com/public/app/chunks/ 13 KB
4 KB 397ms
396ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-UJTORIRS.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fcd36eee2e22c9a53ca8d9750bc8711273c9cce016a493d9385e1f3015a5ceb

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 356316
x-guploader-uploadid: ADPycdt9ioZ-EzUN46sRWwWv90ai0JnM39LktnkGOUNX91bMgBWiWJqAtFfIDfqGRs9HYupAUHMN-0ishBJjNfm6faM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 15:20:26 GMT
server: cloudflare
etag: W/"9b6e2bd08a9678bab584bf2f68c4e70b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=XpJJlQ==, md5=m24r0IqWeLq1hL8vaMTnCw==
x-goog-generation: 1645543226004952
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 13492
cf-ray: 6e3b8fe40acf0f5e-MXP
expires: Wed, 22 Feb 2023 15:27:48 GMT

GET
H2 200 chunk-CO3SYI4B.min.js Show response
app.gitbook.com/public/app/chunks/ 4 KB
2 KB 403ms
402ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-CO3SYI4B.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d43efc9141d3cc0cf15cd8c41b91054a98f480cf549c486177d21604c49d466

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 771316
x-guploader-uploadid: ADPycdsoJU98Vy_jKE7GiTqV76TclUAvMsxXK5DDxdPQRyUuh2U1C0MeeTxar3gbkGQvOhbarfbQU98dwnEnQOo-7p7yYBWrtQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Fri, 26 Nov 2021 09:44:23 GMT
server: cloudflare
etag: W/"278619d11861c68c718cadc027c35d77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=QPRzZg==, md5=J4YZ0RhhxoxxjK3AJ8Nddw==
x-goog-generation: 1637919863223979
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 3786
cf-ray: 6e3b8fe42ad50f5e-MXP
expires: Fri, 17 Feb 2023 20:41:00 GMT

GET
H2 200 chunk-G3MVENZQ.min.js Show response
app.gitbook.com/public/app/chunks/ 40 KB
13 KB 171ms
169ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-G3MVENZQ.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a032f806beff64868f450f7e5bbb6447743bb4031130dd6b26be4fbe2cca2c26

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 253125
x-guploader-uploadid: ADPycdufrMs6sRUKfDgug1vL53H5Az9TAlzhSP5UqhPiFXyRZHOAHwZGnYsWIRyemHalk1HOgvx_dThvQ-u7s4o9OP8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 15:20:26 GMT
server: cloudflare
etag: W/"d4fb480eeb031b7462f4a9792e828bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WLyvmg==, md5=1PtIDusDG3Ri9Kl5LoKLwA==
x-goog-generation: 1645543226025922
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 41455
cf-ray: 6e3b8fe42ae60f5e-MXP
expires: Thu, 23 Feb 2023 20:32:17 GMT

GET
H2 200 chunk-F6DIUGYK.min.js Show response
app.gitbook.com/public/app/chunks/ 159 KB
33 KB 378ms
376ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-F6DIUGYK.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53faf0cb1c4a7202e4e96593cfdba0616fb4087e080471e65f7eca181ff78769

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 356316
x-guploader-uploadid: ADPycdsixOZmRuYz3qV0ZUmCwt7mo8cLRBbEjs_Xl4J16pAuSzDlgmdJSvfhb_XN31Ggy3CMfbNyaWw13Ts7UI5XmaESmwwsZg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 15:20:26 GMT
server: cloudflare
etag: W/"c5f351ca37c2d5d213c83f2aeba8eafa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Nco5hw==, md5=xfNRyjfC1dITyD8q66jq+g==
x-goog-generation: 1645543226076904
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 163011
cf-ray: 6e3b8fe42aed0f5e-MXP
expires: Wed, 22 Feb 2023 15:27:23 GMT

GET
H2 200 chunk-CKPXD7I3.min.js Show response
app.gitbook.com/public/app/chunks/ 81 KB
25 KB 177ms
175ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-CKPXD7I3.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9b37160d936ddb047c5b80597ff22d790279b1328651d913928c79502781d1a

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 356316
x-guploader-uploadid: ADPycdvBTIxiHtsqTG6yzJMTDnlS6zpF1hBTCpwICSMk161sUk2I26CRq5ZPz_BElpMxpNHPvY6HQzlthO2hlJP9l3w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 15:20:26 GMT
server: cloudflare
etag: W/"694dc11d88f6d6211c199d7f48b53242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=vbEaBQ==, md5=aU3BHYj21iEcGZ1/SLUyQg==
x-goog-generation: 1645543226069057
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 82574
cf-ray: 6e3b8fe42af00f5e-MXP
expires: Wed, 22 Feb 2023 15:27:23 GMT

GET
H2 200 chunk-PUXUEA6U.min.js Show response
app.gitbook.com/public/app/chunks/ 437 KB
132 KB 171ms
170ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60ac5470b22fce646968084c1bfa7899213464a29ae0f2bb2d7bcd87b2d4fb34

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 356316
x-guploader-uploadid: ADPycdsNExC_BB2UAoExagwlijMDQbe-W9jZIJvuXVbtO30r7sShwL9pMCgV5_1O2HNeRjeGqiB9lC-szko_J3TdgOCEyQDWcg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 15:20:26 GMT
server: cloudflare
etag: W/"7cd092915e9e51803fc4e0d958274bd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=oNDhpw==, md5=fNCSkV6eUYA/xODZWCdL1A==
x-goog-generation: 1645543226095190
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 447466
cf-ray: 6e3b8fe42af20f5e-MXP
expires: Wed, 22 Feb 2023 15:27:24 GMT

GET
H2 200 chunk-AUVWPKSR.min.js Show response
app.gitbook.com/public/app/chunks/ 1 KB
1 KB 390ms
389ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-AUVWPKSR.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1304e827c9f8fc12aafc451c7e88b9c4395bc2ca27072414bb4da27e76f3265

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8997048
x-guploader-uploadid: ADPycduk8U6sIkHrA5SPhrzXk1-J1U1KNAFv-yPKFMZyXxxr5KuCmOcJKlaGxzY1m5onZtlxDdqxDgJK8v3es-yYUaboHEDNYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Sun, 14 Nov 2021 15:22:06 GMT
server: cloudflare
etag: W/"3f0ff88597c11c05bc6030617a353e4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=10oLmw==, md5=Pw/4hZfBHAW8YDBhejU+Sw==
x-goog-generation: 1636903326107816
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 1201
cf-ray: 6e3b8fe42af40f5e-MXP
expires: Mon, 14 Nov 2022 15:28:10 GMT

GET
H2 200 chunk-RC67YS5E.min.js Show response
app.gitbook.com/public/app/chunks/ 317 KB
85 KB 181ms
180ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-RC67YS5E.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebdf4ca70fa879b0f72630481433725eb4fe02e827accb77c8613888252bfde5

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 813309
x-guploader-uploadid: ADPycdvt2l9ydSi2SjhdJdj2d4Wn5TELoZcwzlTAoZ0IMza0spUmlTZipg2Y84rz8G9SjBJqCiX3eW532G0CGSfN5l6ZdvlsLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 08:22:14 GMT
server: cloudflare
etag: W/"cbc71a5fe51cd96eba4253e0f289c90b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=uhGzoA==, md5=y8caX+Uc2W66QlPg8onJCw==
x-goog-generation: 1645086134891002
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 324543
cf-ray: 6e3b8fe42af90f5e-MXP
expires: Fri, 17 Feb 2023 09:30:39 GMT

GET
H2 200 chunk-3D7BTC3O.min.js Show response
app.gitbook.com/public/app/chunks/ 7 KB
3 KB 386ms
385ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-3D7BTC3O.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60460338488aa336d00fb0fec92d974da30354597fa036a53cfd5bc8466a191c

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163564
x-guploader-uploadid: ADPycdvUFX-uhX_wS31W1R6cRka90EzNaerD3MReDE3b5ksWO7O_K_6PaZZ8vUCkuXYFGrWIVKmnCaKoOu7BnvU0eAk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 08:22:14 GMT
server: cloudflare
etag: W/"530d6b2ed8aa76f48c7493e7563146fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=OP4VPg==, md5=Uw1rLtiqdvSMdJPnVjFG/A==
x-goog-generation: 1645086134806842
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 7055
cf-ray: 6e3b8fe42afb0f5e-MXP
expires: Fri, 24 Feb 2023 21:42:11 GMT

GET
H2 200 chunk-727HUC7Y.min.js Show response
app.gitbook.com/public/app/chunks/ 422 B
662 B 175ms
175ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-727HUC7Y.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcea6d9c3a8f712db5c7690a740cd14a1f33c670752de2e2fa9f54ea73d29404

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 813309
x-guploader-uploadid: ADPycdv73waR7rO3IR-aRUKYxl20j2tmkV5yG2nE_gOLowjM8mj8cYzO-wDLYZrA7yMHm0w14rSr6fUUvilYK4qMMME
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 08:22:14 GMT
server: cloudflare
etag: W/"6f42fe9939e17cf2e1d02add37d72449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=1anFpw==, md5=b0L+mTnhfPLh0CrdN9ckSQ==
x-goog-generation: 1645086134845948
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 422
cf-ray: 6e3b8fe42afd0f5e-MXP
expires: Fri, 17 Feb 2023 09:30:46 GMT

GET
H2 200 chunk-COSHZCUI.min.js Show response
app.gitbook.com/public/app/chunks/ 2 KB
1 KB 177ms
177ms Script
application/javascript 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.gitbook.com/public/app/chunks/chunk-COSHZCUI.min.js
Requested by: Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735d139d23495c0ff4002da79c99da3dbc2eaf0e53328330d5fe7cc63b66a6e9

Request headers

Referer: https://app.gitbook.com/public/app/public-3G6MP5UE.min.js?v=10.9.19-65cb44693db0a31ad28ed593d2db737658a9632f-1899261205
Origin: https://www.ired.team
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10461961
x-guploader-uploadid: ADPycduZtdmAISe76xYySE93e85_45gmeCJe_IlkVJNf3FLGaG0J2fXBDFhlAmMxuuQ7MFwkHblpgXHqIrLzC8GFuhc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 18:00:26 GMT
server: cloudflare
etag: W/"0f55f046c6298ec370f4ae43631222fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=KYmf0Q==, md5=D1XwRsYpjsNw9K5DYxIi/g==
x-goog-generation: 1634839226765939
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 1732
cf-ray: 6e3b8fe42b020f5e-MXP
expires: Fri, 28 Oct 2022 16:29:32 GMT

GET
H2 200 __session Show response
app.gitbook.com/ 52 B
4 KB 243ms
243ms Fetch
application/json 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/__session?proposed=c9f2b39a-829b-4108-bd88-ba1253413359R

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

6ab22962a42f159163e387c5505a1dc04928b9734d85734408aa177f7d64857d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com clearbit-risk.gitbook.com .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com clearbit-risk.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com www.gstatic.com/recaptcha https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network .recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-magic-hash: 33d8b1a92bad2b3819c323b06ef545916dbeef0caf8150e3a09967c5583a6c07
x-powered-by: GitBook
x-cache: MISS
x-release: gitbook-x-prod-10.9.19
vary: Origin, Accept-Encoding
access-control-allow-origin: https://www.ired.team
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"34-0L4V5KeuK6ZSD9wIR1LDaYyveJA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: no cache
x-cloud-trace-context: 61af2f6a16297375b2495e12d5085462
cache-control: private
access-control-allow-credentials: true
function-execution-id: 8bu2p4qsnt4i
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com clearbit-risk.gitbook.com *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com clearbit-risk.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
cf-ray: 6e3b8fe839e9839d-MXP
expires: Sat, 26 Feb 2022 19:25:56 GMT

POST
H2 200 / Show response
o1000929.ingest.sentry.io/api/5960429/envelope/ 2 B
244 B 30ms
9ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o1000929.ingest.sentry.io/api/5960429/envelope/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_version=7

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ired.team/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 26 Feb 2022 19:25:55 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ired.team
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 rest Show response
firestore.googleapis.com/$discovery/ 48 KB
8 KB 52ms
16ms Fetch
application/json 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/$discovery/rest

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3979346aa49a144ce4662d0c26b3aa7631833dcdf3ac44b14efdc23ec4e1e70d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ired.team
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 8210
x-xss-protection: 0

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/ 1 KB
1 KB 75ms
74ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d624a9b45f2860bc9d67e56699a384e87ce9b441c8a30401787b702e734e2dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 1073
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfxEAstVGsILZwEUMa_yTuFg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/m q=0 n=849 c=88 v=2022.1.0 l=1073
accept-ranges: bytes
cf-ray: 6e3b8fe91c80839d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/ 821 B
906 B 60ms
59ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 821
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfORVgR5FT-ORC-PW8Ddvsrg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/h q=0 n=971 c=100 v=2022.1.0 l=821
accept-ranges: bytes
cf-ray: 6e3b8fe91c85839d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 55ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=UA-128974775-1

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-UJTORIRS.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96c4fca3f8d6e411ea37339b06472836ead482c5049ee8d1286802ad933260cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37407
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Feb 2022 19:25:56 GMT

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/ 821 B
883 B 61ms
61ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 821
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfORVgR5FT-ORC-PW8Ddvsrg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/h q=0 n=971 c=100 v=2022.1.0 l=821
accept-ranges: bytes
cf-ray: 6e3b8fe99e29839d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=UA-128974775-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6663
date: Sat, 26 Feb 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 26 Feb 2022 19:34:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=867959347&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ired.team%2Foffensive-security%2Fpersistence%2Ft1130-install-root-certificate&ul=en-us&de=UTF-8&dt=Installing%20Root%20Certificate%20-%20Red%20Teaming%20Experiments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1292098198&gjid=5568510&cid=356985018.1645903556&tid=UA-128974775-1&_gid=1060268860.1645903556&_r=1&gtm=2ou2n0&z=1217943718

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ired.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 28 KB
28 KB 196ms
196ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2dfb402162bc924ade07c769a1be4113d060ee88cee93c24461f7955c91f0880

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: GitBook
x-guploader-uploadid: ADPycdsnJF2bASV7lW1J22cv12h01N1o46VIr8r1tLdH47RF_eC7KY6i7LICWns2-JOULgVfMFVLiu7gre9pifrf30U
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-certutil.png
vary: Accept-Encoding
content-length: 28361
cf-ray: 6e3b8fea8c255995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "ede6f30ab17b1418bc246bf79812c033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=rWEOrg==, md5=7ebzCrF7FBi8JGv3mBLAMw==
x-goog-generation: 1534357963989464
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 28361
x-goog-meta-firebasestoragedownloadtokens: 6c098d3c-c3f0-49f1-a284-248db726315d
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 58 KB
58 KB 191ms
191ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

3b008c2a94a6ee7026de0479a26fe3ea5037c015b6a08a8836c37856608e22fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: GitBook
x-guploader-uploadid: ADPycdssvk3YtnphyPRGosK3uiT_wA6DYfi01IxwDfhaci-aVRR_hkq6ThIYDXWGtOlwUb02_LYkMXzNiTXaAQACSEE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-installed.png
vary: Accept-Encoding
content-length: 58931
cf-ray: 6e3b8fea8c2c5995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "e025cbff234cce35e37bc941c878c34d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=uJfeJg==, md5=4CXL/yNMzjXje8lByHjDTQ==
x-goog-generation: 1534357963999170
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 58931
x-goog-meta-firebasestoragedownloadtokens: 6f6451bb-08c7-42fe-8bfd-d396a77e8a92
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 26 KB
27 KB 182ms
182ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

4e1455cf00349ef0a37105335e7e3e7aa130e07d14896ee47e652657cc3c858a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: GitBook
x-guploader-uploadid: ADPycdtcpISDsmCQaNkFQlxASmh8Ifiqw-Weegvh3TVa99vbXjjyDX-4JpZK_Ww0pGhqfObF_5cQ9o-YQ8uh8UqnSPE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-add-with-ps.png
vary: Accept-Encoding
content-length: 26973
cf-ray: 6e3b8feaac625995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:44 GMT
server: cloudflare
etag: "af4444ea0439b95e57ccb098de0028c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=bhFHfA==, md5=r0RE6gQ5uV5XzLCY3gAoyQ==
x-goog-generation: 1534357964007543
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 26973
x-goog-meta-firebasestoragedownloadtokens: 977a73c0-9160-4753-88d1-6e22cd426b89
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 16 KB
17 KB 181ms
181ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

ed47c278bf3d7b130073a011f6cad4619cbd0f81e390b78b36f53c9bf9a54cbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvGm51PxiAmTxEqI-OubycGpyabie3q2GMgzwX0ZS03owZHQR7jbHGY1hWhe_q9x6X4Je-cyOls_-eFKnevAHI
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-ps-logging.png
vary: Accept-Encoding
content-length: 16682
cf-ray: 6e3b8feaac675995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "b2e73e268d905569f4a697fe6ed5ad75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=W79svA==, md5=suc+Jo2QVWn0ppf+btWtdQ==
x-goog-generation: 1534357963948157
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 16682
x-goog-meta-firebasestoragedownloadtokens: f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 51 KB
51 KB 175ms
175ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

2791874f2ac5a208d84ffb261c0adcf62b4790606433638c5489f1e95335d1d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: GitBook
x-guploader-uploadid: ADPycdvXIk_g5yQutMKC_fbH4kTr6qi6M2xCzfCiniR_DTnV22bKTPGeON_In6cjOtBtLlBZL8SIcPgw4qFN4v_Pq44
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-logs.png
vary: Accept-Encoding
content-length: 52258
cf-ray: 6e3b8feaac745995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 18:32:43 GMT
server: cloudflare
etag: "e0d5a37e5fb59d35ef29fb45a624868e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=AxqoLA==, md5=4NWjfl+1nTXvKftFpiSGjg==
x-goog-generation: 1534357963817758
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 52258
x-goog-meta-firebasestoragedownloadtokens: adeef754-0099-4b94-bb12-d96ec058d34f
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/ 39 KB
40 KB 180ms
179ms Image
image/png 2606:4700::6812:91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

af22694103076abf2a8dc1e4e5cfb9461a36c469b558a9feb08ce70c1b12c71b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-powered-by: GitBook
x-guploader-uploadid: ADPycduKLlhIKBDUTagQbKW_1Pq8SRkasWYcfyL_XbpBKxxWjeh7OjGxxsKVwfwcJFzKQRcqAb8NmNP-e6Oqaqm-uRk
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''certs-registry.png
vary: Accept-Encoding
content-length: 40274
cf-ray: 6e3b8feabc965995-MXP
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Aug 2018 19:31:02 GMT
server: cloudflare
etag: "fe275e02f6d0fb5b10a9d4c6beb3d9ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
x-goog-hash: crc32c=bPzO1Q==, md5=/ideAvbQ+1sQqdTGvrPZrQ==
x-goog-generation: 1534361462659850
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 40274
x-goog-meta-firebasestoragedownloadtokens: 31ca5d98-42de-4bef-9a9b-03c8c55d7d06
content-security-policy: script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
accept-ranges: bytes
content-type: image/png
expires: Sun, 26 Feb 2023 19:25:55 GMT

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/ 1 KB
1 KB 50ms
50ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d624a9b45f2860bc9d67e56699a384e87ce9b441c8a30401787b702e734e2dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 1073
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfxEAstVGsILZwEUMa_yTuFg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/m q=0 n=849 c=88 v=2022.1.0 l=1073
accept-ranges: bytes
cf-ray: 6e3b8fead9b3839d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/ 821 B
883 B 70ms
70ms Image
image/avif 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-PUXUEA6U.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
vary: Accept, Accept-Encoding
content-length: 821
last-modified: Sat, 08 Sep 2018 20:00:14 GMT
server: cloudflare
etag: "cfORVgR5FT-ORC-PW8Ddvsrg:2965c5f978755802debc0291c5574853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-resized: internal=ok/h q=0 n=971 c=100 v=2022.1.0 l=821
accept-ranges: bytes
cf-ray: 6e3b8feafa16839d-MXP
cf-bgj: imgq:85,h2pri

POST
H2 200 / Show response
app.gitbook.com/__amp/ 7 B
261 B 826ms
826ms XHR
text/html 2606:4700::6812:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/__amp/

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 26 Feb 2022 19:25:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15768000
cf-ray: 6e3b8feb0a120f5e-MXP
content-length: 7

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 favicon.ico
attack.mitre.org/theme/ 6 KB
7 KB 59ms
18ms Image
image/vnd.microsoft.icon 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attack.mitre.org/theme/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: e8faf7b59f5361edcce5c6d815721a877eb7f286
date: Sat, 26 Feb 2022 19:25:56 GMT
via: 1.1 varnish
age: 66
x-cache: HIT
content-length: 6518
x-served-by: cache-mxp6955-MXP
last-modified: Fri, 07 Jan 2022 20:58:16 GMT
server: GitHub.com
x-github-request-id: 82A2:B038:4A7AEE:4DE849:6217DEFA
x-timer: S1645903556.367308,VS0,VE1
etag: "61d8a968-1976"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
expires: Thu, 24 Feb 2022 19:49:38 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

POST
H2 200 / Show response
o1000929.ingest.sentry.io/api/5960429/envelope/ 41 B
145 B 8ms
8ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o1000929.ingest.sentry.io/api/5960429/envelope/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_version=7

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3ddf5e3ec889287aa1301fe54d4eb19700642ecd96b7a03a81bfd93c0cdd3238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ired.team/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ired.team
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
95 B 168ms
153ms Fetch
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&VER=8&RID=9937&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F9.6.6%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A958285583043%3Aweb%3A9c80475faa8bc9f9cb0876%0D%0A&zx=oaff06f311l8&t=1

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efca8df8837b822157531df1eaee8b70c852f337c9e9ec47a50c74b23e81e4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 26 Feb 2022 19:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ired.team
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: 0JaTSByNSmbA2CnXpThjJx4NSxKXlwnw1CxmZrc8ANY

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 6 MB
0 807ms
807ms Fetch
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&gsessionid=0JaTSByNSmbA2CnXpThjJx4NSxKXlwnw1CxmZrc8ANY&VER=8&RID=rpc&SID=6OYh8odAFA6__HjjUgbTPw&CI=0&AID=0&TYPE=xmlhttp&zx=ekm4zo6p1u35&t=1

Requested by

Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-BEJ5ECGK.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ired.team
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gitbook.com/	1970-01-23 16:50:36	Name: __session Value: c9f2b39a-829b-4108-bd88-ba1253413359R
.ired.team/	1970-01-20 18:42:55	Name: _ga Value: GA1.2.356985018.1645903556
.ired.team/	1970-01-20 01:13:09	Name: _gid Value: GA1.2.1060268860.1645903556
.ired.team/	1970-01-20 01:11:43	Name: _gat_gtag_UA_128974775_1 Value: 1
.ired.team/	1970-01-20 09:57:19	Name: amp_fef1e8 Value: c9f2b39a-829b-4108-bd88-ba1253413359R...1fsrnubhd.1fsrnubmo.1.0.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com ; form-action api-iam.intercom.io intercom.help; media-src .intercomcdn.com; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.19;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2603957456-files.gitbook.io
app.gitbook.com
attack.mitre.org
cdn.iframe.ly
cdn.polyfill.io
firestore.googleapis.com
o1000929.ingest.sentry.io
www.gitbook.com
www.google-analytics.com
www.googletagmanager.com
www.ired.team
143.204.98.105
2606:4700::6812:86f
2606:4700::6812:91
2606:50c0:8001::153
2a00:1450:4001:808::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a04:4e42::282
34.120.195.249
12bc77bc563cd347825ad019f4d855338275bd772db68d4c5cefa7622cdfe5ee
142dda220b464de17ccaa3949b42543c6488ede54423361364bffb67ec054a2b
1588e257d5d5d137bdf245d5d1e6e9e89a7393e411feab9fcb28eba9fa615779
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2791874f2ac5a208d84ffb261c0adcf62b4790606433638c5489f1e95335d1d2
2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968
2dfb402162bc924ade07c769a1be4113d060ee88cee93c24461f7955c91f0880
2e9516397b60a1f72e680cd614eeae501cc05e8336b41677f6ddcf7ca91ce87b
2fc43de0b7192ea8d141166fd138508b806a7742a19d60d376717d299249a721
391798381365eae6431d5301789e74ae40318b5a909f6732710c938f709dd15b
3979346aa49a144ce4662d0c26b3aa7631833dcdf3ac44b14efdc23ec4e1e70d
3b008c2a94a6ee7026de0479a26fe3ea5037c015b6a08a8836c37856608e22fc
3d43efc9141d3cc0cf15cd8c41b91054a98f480cf549c486177d21604c49d466
3ddf5e3ec889287aa1301fe54d4eb19700642ecd96b7a03a81bfd93c0cdd3238
4356f3284da6af176f927265deaf80895731cebd204690fe24be57e522e5a67e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44690fc0a6b8096b18e51469b19e5502a1236443b0ccb1f54b0b712abed16e94
4527b523271b31ea23e2241eaa32be773ae97e2100a4cde9c4ea807f5bdf345e
45d0d08cccd0573e2783db076212e4a572a8c8de6510c48a087087d391d19f66
474219c4838734328bacdf2229ee7aa9b960e1e22b36aa0b2440dee68b7ded93
4e1455cf00349ef0a37105335e7e3e7aa130e07d14896ee47e652657cc3c858a
53faf0cb1c4a7202e4e96593cfdba0616fb4087e080471e65f7eca181ff78769
5453e597cfe3555606ad034aa96beac23e002cd8809eb20af1f7b8ee801f5a53
60460338488aa336d00fb0fec92d974da30354597fa036a53cfd5bc8466a191c
60ac5470b22fce646968084c1bfa7899213464a29ae0f2bb2d7bcd87b2d4fb34
6ab22962a42f159163e387c5505a1dc04928b9734d85734408aa177f7d64857d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcc2d1d093284cefbe72506e1d81aac094df22c9a4bdc88ce59f202fd619f03
735d139d23495c0ff4002da79c99da3dbc2eaf0e53328330d5fe7cc63b66a6e9
73971d2e544090ece7946c253f97ad012433034112729f30460561f1b3f3baa4
8789224140397e0644f8d3daf8aaa2733d8a357be81b239188de34b81b3cb11c
8be2edcbae84d5edd53e879a9a8d6c58a8eea966820ac287c0275a9698495518
8fcd36eee2e22c9a53ca8d9750bc8711273c9cce016a493d9385e1f3015a5ceb
91edc14c712c0f1f64767c76dc267782a71d64eef6a3fa0b78e3550b67031f7f
954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23
95f606ce7bf48055851b9f4961bd8f3bd84735f66fff005d3d1e5d945aebac5c
96c4fca3f8d6e411ea37339b06472836ead482c5049ee8d1286802ad933260cf
99b06c0121019e577fbeb61926a76ab064ebf04641e17b3f3cdd31c5bfada827
a032f806beff64868f450f7e5bbb6447743bb4031130dd6b26be4fbe2cca2c26
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300
abe67ac80a18e468ba4e9fc2138ddf670e168fb92b38ed1e71da54eecd420d9d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af22694103076abf2a8dc1e4e5cfb9461a36c469b558a9feb08ce70c1b12c71b
b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367
b836803e97f161fdf9ff088ff46b8b4b9211ef8a1759ee1b223923a2852c6ec4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1304e827c9f8fc12aafc451c7e88b9c4395bc2ca27072414bb4da27e76f3265
cc85ca1807422f0603716b43ec3f6544ae0a2f395bee02ad3eeb000c2a2aaf86
d624a9b45f2860bc9d67e56699a384e87ce9b441c8a30401787b702e734e2dc1
dcea6d9c3a8f712db5c7690a740cd14a1f33c670752de2e2fa9f54ea73d29404
e24189d8a1f5ac6beed5f9c19f384a917186c2f2a546b6cc5f4578a9c8a6b492
e5040037b99f33713b533de1799d81b07b984140ec146f1a1d0fecee19fa3482
ebdf4ca70fa879b0f72630481433725eb4fe02e827accb77c8613888252bfde5
ecd11c4d382e2023830ae2d96fb22972b10ee58e60ee71ce9749b940c2209e26
ed47c278bf3d7b130073a011f6cad4619cbd0f81e390b78b36f53c9bf9a54cbd
efca8df8837b822157531df1eaee8b70c852f337c9e9ec47a50c74b23e81e4f7
f9b37160d936ddb047c5b80597ff22d790279b1328651d913928c79502781d1a

www.ired.team Open in urlscan Pro 2606:4700::6812:91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

78 %IPv6

10 Domains

11 Subdomains

10 IPs

2 Countries

3189 kBTransfer

14398 kBSize

5 Cookies

6 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ired.team Open in urlscan Pro
2606:4700::6812:91 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

78 %
IPv6

10
Domains

11
Subdomains

10
IPs

2
Countries

3189 kB
Transfer

14398 kB
Size

5
Cookies

69 HTTP transactions
1 data transactions