urlscan.io logo urlscan.io
SecurityTrails logo

go.shiftleft.io Open in urlscan Pro
199.60.103.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shiftleftinc.orpluto.com/api/mailings/click/PMRGSZBCHIYTCMRWGEZDMLBCOVZGYIR2EJUHI5DQOM5C6L3HN4XHG2DJMZ2GYZLGOQXGS3ZPPBZXI...
Effective URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_...
Submission: On October 14 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 4 countries across 34 domains to perform 106 HTTP transactions. The main IP is 199.60.103.30, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is go.shiftleft.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time go.shiftleft.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.43.108.235 16509 (AMAZON-02)
28 199.60.103.30 209242 (CLOUDFLAR...)
1 142.250.186.170 15169 (GOOGLE)
3 104.16.85.20 13335 (CLOUDFLAR...)
7 104.19.155.83 13335 (CLOUDFLAR...)
2 104.16.19.94 13335 (CLOUDFLAR...)
11 143.204.99.83 16509 (AMAZON-02)
2 18.213.169.209 14618 (AMAZON-AES)
3 172.217.16.136 15169 (GOOGLE)
4 104.16.192.114 13335 (CLOUDFLAR...)
1 151.101.65.140 54113 (FASTLY)
1 104.17.213.204 13335 (CLOUDFLAR...)
2 2.16.186.17 20940 (AKAMAI-ASN1)
1 199.232.136.157 54113 (FASTLY)
1 143.204.98.29 16509 (AMAZON-02)
1 3 143.204.98.74 16509 (AMAZON-02)
1 151.101.129.140 54113 (FASTLY)
1 2 108.174.11.85 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 104.17.112.176 13335 (CLOUDFLAR...)
1 104.18.21.191 13335 (CLOUDFLAR...)
2 104.17.69.176 13335 (CLOUDFLAR...)
1 143.204.98.39 16509 (AMAZON-02)
2 104.244.42.197 13414 (TWITTER)
1 143.204.101.121 16509 (AMAZON-02)
4 142.250.185.142 15169 (GOOGLE)
1 54.68.253.11 16509 (AMAZON-02)
2 104.244.42.3 13414 (TWITTER)
1 143.204.98.69 16509 (AMAZON-02)
1 52.49.162.133 16509 (AMAZON-02)
1 74.125.140.156 15169 (GOOGLE)
1 54.75.159.38 16509 (AMAZON-02)
2 142.250.185.132 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
1 34.254.51.160 16509 (AMAZON-02)
1 162.242.174.138 19994 (RACKSPACE)
2 104.16.89.5 13335 (CLOUDFLAR...)
1 104.17.202.204 13335 (CLOUDFLAR...)
5 104.19.154.83 13335 (CLOUDFLAR...)
1 142.250.186.34 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
106 39
1    52.43.108.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-108-235.us-west-2.compute.amazonaws.com
shiftleftinc.orpluto.com
28    199.60.103.30 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
go.shiftleft.io
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
fonts.googleapis.com
3    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    104.19.155.83 (None, )

ASN13335 (CLOUDFLARENET, US)
no-cache.hubspot.com
app.hubspot.com
track.hubspot.com
2    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    143.204.99.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net
cdn.segment.com
2    18.213.169.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-169-209.compute-1.amazonaws.com
t.sf14g.com
lltrck.com
3    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net
www.googletagmanager.com
4    104.16.192.114 (None, )

ASN13335 (CLOUDFLARENET, US)
fs.hubspotusercontent00.net
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    104.17.213.204 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com
snap.licdn.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net
static.hotjar.com
3    143.204.98.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-74.fra50.r.cloudfront.net
s.adroll.com
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    108.174.11.85 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-85.fwd.linkedin.com
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    104.17.112.176 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    104.18.21.191 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    104.17.69.176 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net
script.hotjar.com
2    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    143.204.101.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-121.fra50.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
4    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
1    54.68.253.11 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-253-11.us-west-2.compute.amazonaws.com
api.segment.io
2    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net
vars.hotjar.com
1    52.49.162.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-162-133.eu-west-1.compute.amazonaws.com
d.adroll.com
1    74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net
stats.g.doubleclick.net
1    54.75.159.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
in.hotjar.com
2    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
www.google.de
1    34.254.51.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-51-160.eu-west-1.compute.amazonaws.com
ws12.hotjar.com
1    162.242.174.138 (United States)

ASN19994 (RACKSPACE, US)
api.autopilothq.com
2    104.16.89.5 (None, )

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
1    104.17.202.204 (None, )

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
5    104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
28 shiftleft.io
go.shiftleft.io
2 MB
12 hubspot.com
no-cache.hubspot.com
app.hubspot.com
track.hubspot.com
14 KB
11 segment.com
cdn.segment.com
90 KB
5 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
ws12.hotjar.com
64 KB
4 google-analytics.com
www.google-analytics.com
39 KB
4 adroll.com
s.adroll.com
d.adroll.com
17 KB
4 hubspotusercontent00.net
fs.hubspotusercontent00.net
356 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 googletagmanager.com
www.googletagmanager.com
144 KB
3 jsdelivr.net
cdn.jsdelivr.net
7 KB
2 hsforms.com
perf.hsforms.com
1018 B
2 google.de
www.google.de
586 B
2 google.com
www.google.com
586 B
2 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
2 KB
2 twitter.com
analytics.twitter.com
892 B
2 t.co
t.co
618 B
2 hs-analytics.net
js.hs-analytics.net
39 KB
2 licdn.com
snap.licdn.com
5 KB
2 cloudflare.com
cdnjs.cloudflare.com
12 KB
1 googleadservices.com
www.googleadservices.com
15 KB
1 hubapi.com
api.hubapi.com
948 B
1 autopilothq.com
api.autopilothq.com
1 segment.io
api.segment.io
141 B
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
6 KB
1 hs-banner.com
js.hs-banner.com
16 KB
1 hsadspixel.net
js.hsadspixel.net
3 KB
1 reddit.com
alb.reddit.com
125 B
1 lltrck.com
lltrck.com
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 hs-scripts.com
js.hs-scripts.com
867 B
1 redditstatic.com
www.redditstatic.com
7 KB
1 sf14g.com
t.sf14g.com
1 googleapis.com
fonts.googleapis.com
1 KB
1 orpluto.com
shiftleftinc.orpluto.com
242 B
106 34
Domain Requested by
28 go.shiftleft.io go.shiftleft.io
11 cdn.segment.com go.shiftleft.io
cdn.segment.com
8 track.hubspot.com
4 www.google-analytics.com cdn.segment.com
www.google-analytics.com
go.shiftleft.io
4 fs.hubspotusercontent00.net go.shiftleft.io
3 s.adroll.com 1 redirects go.shiftleft.io
3 www.googletagmanager.com go.shiftleft.io
cdn.segment.com
js.hsadspixel.net
3 no-cache.hubspot.com go.shiftleft.io
3 cdn.jsdelivr.net go.shiftleft.io
cdn.jsdelivr.net
2 perf.hsforms.com
2 www.google.de go.shiftleft.io
2 www.google.com go.shiftleft.io
2 analytics.twitter.com static.ads-twitter.com
2 t.co go.shiftleft.io
2 js.hs-analytics.net js.hs-scripts.com
cdn.segment.com
2 px.ads.linkedin.com 1 redirects go.shiftleft.io
2 snap.licdn.com go.shiftleft.io
js.hsadspixel.net
2 cdnjs.cloudflare.com go.shiftleft.io
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 api.hubapi.com js.hsadspixel.net
1 api.autopilothq.com go.shiftleft.io
1 ws12.hotjar.com script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d.adroll.com s.adroll.com
1 vars.hotjar.com static.hotjar.com
1 app.hubspot.com go.shiftleft.io
1 api.segment.io cdn.segment.com
1 d2wy8f7a9ursnm.cloudfront.net cdn.segment.com
1 script.hotjar.com static.hotjar.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 www.linkedin.com 1 redirects
1 alb.reddit.com go.shiftleft.io
1 static.hotjar.com go.shiftleft.io
1 lltrck.com go.shiftleft.io
1 static.ads-twitter.com go.shiftleft.io
1 js.hs-scripts.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 t.sf14g.com go.shiftleft.io
1 fonts.googleapis.com go.shiftleft.io
1 shiftleftinc.orpluto.com 1 redirects
106 43

This site contains links to these domains. Also see Links.

Domain
shiftleft.io
Subject Issuer Validity Valid
go.shiftleft.io
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.segment.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-19 -
2022-08-09		 a year crt.sh
t.sf14g.com
Go Daddy Secure Certificate Authority - G2		 2021-07-11 -
2022-08-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-05 -
2022-04-02		 6 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
lltrck.com
Go Daddy Secure Certificate Authority - G2		 2021-07-25 -
2022-08-26		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-05 -
2022-04-02		 6 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.autopilothq.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-05 -
2022-11-07		 2 years crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Frame ID: A38D745F743F7302F836881ECCA5A8AE
Requests: 105 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acff0d328b74363875a0a6075e6c8439.html
Frame ID: 772C846B5AD93364B340ADEE11AF8065
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ShiftLeft | XStream Vulnerability Detection and Mitigation

Page URL History Show full URLs

  1. https://shiftleftinc.orpluto.com/api/mailings/click/PMRGSZBCHIYTCMRWGEZDMLBCOVZGYIR2EJUHI5DQOM5C6L3HN4XHG2DJM... HTTP 302
    https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_ca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

106
Requests

100 %
HTTPS

0 %
IPv6

34
Domains

43
Subdomains

39
IPs

4
Countries

2836 kB
Transfer

4496 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shiftleftinc.orpluto.com/api/mailings/click/PMRGSZBCHIYTCMRWGEZDMLBCOVZGYIR2EJUHI5DQOM5C6L3HN4XHG2DJMZ2GYZLGOQXGS3ZPPBZXI4TFMFWS2Y3WMU7XK5DNL5ZW65LSMNST233VORZGKYLDNBOHKMBQGI3HK5DNL5WWKZDJOVWT2ZLNMFUWYXDVGAYDENTVORWV6Y3PNZ2GK3TUHVRWC3LQMFUWO3S4OUYDAMRWOV2G2X3DMFWXAYLJM5XD2Y3BNVYGC2LHNZPXGY3BL54HG5DSMVQW2XZQG5PTEMBSGFOHKMBQGI3HK5DNL52GK4TNHVOHKMBQGI3HGZTEMNPWGYLNOBQWSZ3OL5UWIPJXGAYTCSJQGAYDAMBQKMZEWOCRIFFSELBCN5ZGOIR2EIZGKNBXMU4WGMRNMY2GIYZNGQ2DGMZNHFRTQZRNGNTDEMRXHE3TON3GMQ2SELBCOZSXE43JN5XCEORCGQRCYITTNFTSEORCJU4DMV3EIVLFEMS7MMWW4R2TNZJFQLLZGZMDKZS2OUZWQSKCOVITGS3HKVMHSSSPIV5GGPJCPU====== HTTP 302
    https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2716620&time=1634208420400&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2716620%26time%3D1634208420400%26url%3Dhttps%253A%252F%252Fgo.shiftleft.io%252Fxstream-cve%253Futm_source%253Doutreach%2526utm_medium%253Demail%2526utm_content%253Dcampaign%2526utm_campaign%253Dcampaign_sca_xstream_07_2021%2526utm_term%253D%2526sfdc_campaign_id%253D7011I000000S2K8QAK%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2716620&time=1634208420400&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&liSync=true
Request Chain 60
  • https://s.adroll.com/j/exp/AOZOTCADF5C63CDNNBAJD2/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xstream-cve
go.shiftleft.io/
Redirect Chain
  • https://shiftleftinc.orpluto.com/api/mailings/click/PMRGSZBCHIYTCMRWGEZDMLBCOVZGYIR2EJUHI5DQOM5C6L3HN4XHG2DJMZ2GYZLGOQXGS3ZPPBZXI4TFMFWS2Y3WMU7XK5DNL5ZW65LSMNST233VORZGKYLDNBOHKMBQGI3HK5DNL5WWKZDJO...
  • https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
49 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
2123c72eea1d68955911ade4af6197120bebe8f4649bb3aebd9b4ab49cc34c58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
go.shiftleft.io
:scheme
https
:path
/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
content-type
text/html; charset=UTF-8
cache-control
s-maxage=10800, max-age=0
etag
W/"9b5baf5123ee7125fc0f41cd99e482ea"
last-modified
Thu, 14 Oct 2021 00:09:18 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security
max-age=31536000
cache-tag
CT-50279306541,P-3887453,CW-49209540916,CW-49209869058,CW-5698180895,CW-5698185026,CW-5698501679,CW-5698508114,CW-5698687193,CW-5698689872,E-49207805214,E-49207926531,E-49208953646,E-49208953647,E-49209055044,E-49209055075,E-49209481538,E-49209508248,RA-49209644431,RA-49209644450,RA-49209644453,PGS-ALL,SW-0,GC-49366617015,GC-49375014279
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-50279306541,P-3887453,CW-49209540916,CW-49209869058,CW-5698180895,CW-5698185026,CW-5698501679,CW-5698508114,CW-5698687193,CW-5698689872,E-49207805214,E-49207926531,E-49208953646,E-49208953647,E-49209055044,E-49209055075,E-49209481538,E-49209508248,RA-49209644431,RA-49209644450,RA-49209644453,PGS-ALL,SW-0,GC-49366617015,GC-49375014279
referrer-policy
no-referrer-when-downgrade
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cf-cache-status
MISS
x-hs-combine-css
Disabled
x-hs-content-campaign-id
c9173859-5972-4639-96cc-b3f08d2c45dd
x-hs-content-id
50279306541
x-hs-hub-id
3887453
x-hs-prerendered
Thu, 14 Oct 2021 00:09:18 GMT
x-powered-by
HubSpot
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0FSiI%2F5xz9y2q2T%2BGiFXp%2FG9dfGt3Q%2F%2Bfk8wNqPLN%2FdT7mtqE7WXdXCyL6OHG8%2FeCfzuwPB%2FWpJRNFB91CMmETHv7j5Qnk4AXZRgwJsiECFrFW6a65KEf6PLwf3pa%2FJaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
set-cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; path=/; domain=.go.shiftleft.io; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
69e03a17de6c05b3-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-h2-pushed
</hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>,</_hcms/forms/v2.js>

Redirect headers

date
Thu, 14 Oct 2021 10:46:58 GMT
content-type
text/html; charset=utf-8
content-length
224
location
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
strict-transport-security
max-age=31536000; includeSubDomains
index.js
go.shiftleft.io/hs/hsstatic/HubspotToolsMenu/static-1.109/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5671390
x-amz-server-side-encryption
AES256
cf-ray
69e03a1d4ef105b3-FRA
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA50-C1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 06 Aug 2021 19:39:07 GMT
server
cloudflare
etag
W/"d0801ffff23e81a99fd8046c0846ba93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g61g3TWkC1FMOXEEJH6fnkdJ9YLv5gF6D%2Bcj6m4P8sO47cCYFt%2BBGwYkFp1GYLSAKEJAH7xbmj8SkFdE4yZ3SBlzdeC74O3rpTHbllnKEx1z%2FxWI90slMG2uKWhMjNH8rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
WCB.Owk3aP2vvRplDI.5pUwB8LkSH.e_
cache-control
public, max-age=31536000
set-cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; path=/; domain=.go.shiftleft.io; HttpOnly; Secure; SameSite=None
content-type
application/javascript
x-amz-cf-id
pSsLw65tntFDEdA1Wfzw2gZ1r1sYewn82AJ23gwJ4tbHPJEd6QN2gQ==
expires
Fri, 14 Oct 2022 10:46:59 GMT
project.js
go.shiftleft.io/hs/hsstatic/cos-i18n/static-1.37/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/hsstatic/cos-i18n/static-1.37/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10179657
x-amz-server-side-encryption
AES256
cf-ray
69e03a1d4ef305b3-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 14 Jun 2021 16:41:38 GMT
server
cloudflare
etag
W/"6c562b3f1d6a0148fda97d4847422c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwMqcoGNnv7Inmm0GLD4oao7TAPo4f48Brrsoq1aniUTqZTPhMdGnFfKKdld9MnQYBSz4Uc5yVX8NEn%2Fx6wQxM%2F9DDjvoLu8l0F7SGjp%2FCimKJHUZlRyWSbeqVkUbMQM6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
M9oUePGbwt7hrJpARSIQzQLaIi7kmGEy
cache-control
public, max-age=31536000
set-cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; path=/; domain=.go.shiftleft.io; HttpOnly; Secure; SameSite=None
content-type
application/javascript
x-amz-cf-id
DUXbRLuhPxzxlhKqx2KMF2WMfvTtTR6IQDORvdAyUi-gNVGhIKhf-Q==
expires
Fri, 14 Oct 2022 10:46:59 GMT
v2.js
go.shiftleft.io/_hcms/forms/ 		563 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b98b770ede13e084c8799f8cb498b3828fccc59369d98c94d1fa9e3ae601c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
via
1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537
x-amz-server-side-encryption
AES256
cf-ray
69e03a1d4ef405b3-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
IAD89-C3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 08 Oct 2021 09:40:13 UTC
server
cloudflare
etag
W/"7eccbdac62489e20d8aafc3562477770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PngtWo%2Buo%2BTCj26pDXsw6%2BloDTUonMmB%2FNEDaOpywrjF1O0a9334G5%2FuEQO6g1FmXz%2BWcy%2FFXVpHDlIunQSbu4fzGMLRttuHpcFoCE8FSpVMgsvBlpq77Oyt5IBiGFwFGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
vRAPJlXNMJQkuMakJt1dm4JoYD3l2O9A
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
set-cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; path=/; domain=.go.shiftleft.io; HttpOnly; Secure; SameSite=None
content-type
application/javascript; charset=utf-8
x-amz-cf-id
4Fp_lg4lPVSXefC0jKkkQpLprOocOI1Uua_TRUTTM1_-C0Szj27TsQ==
x-hs-target-asset
FormsNext/static-5.378/bundles/project_with_deps.js
jquery-1.7.1.js
go.shiftleft.io/hs/hsstatic/jquery-libs/static-1.1/jquery/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
via
1.1 89a45b9ac94fb6c6e52c37fdd89a6cb1.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17761553
cf-ray
69e03a1d79615c0e-FRA
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki5Tbzv0BGjggbZjl85Xy9JNyGi500QvG%2FvCofmBTJgG5eB3Nn71z5ykM6Kpkc%2B1TyTsZg9JIWsJJZ72suq1R8KqlRWXQQPmKgeNlLuMnRREwUBSi%2Bs0s1yVewC0lsAnuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
uvar5S_Za3dK85YyzXeF9Juu2xF5FRZKLPmzTFmNHquwiPqBpBjL9A==
expires
Fri, 14 Oct 2022 10:46:59 GMT
main.min.css
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209055044/1634170151427/Studio-Canvas-Clone/css/css/ 		113 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209055044/1634170151427/Studio-Canvas-Clone/css/css/main.min.css
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
866b7cd9229083fc27dfc020660140e14dd2be5635e30d9c9b14ae05932fe1bd

Request headers

:path
/hs-fs/hub/3887453/hub_generated/template_assets/49209055044/1634170151427/Studio-Canvas-Clone/css/css/main.min.css
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1634170151737
date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
YVV4HXYYVGVA5PS7
x-amz-id-2
q1BKhA0SQGaJ7zOm2cRXx1BvOuvQGT4pgA58Vzlmx7gnI+uiJMZgw0JuasfgBtEr8jQ0wXPpBJQ=
last-modified
Thu, 14 Oct 2021 00:09:12 GMT
server
cloudflare
etag
W/"77c59270e06059fdcd385ca432378ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa6eEa4ZYg3TIuD8knUoJM%2B%2FEU3pZenFeKOnCEHWATidZ0JtIrdRrbvvikBKlcgjsFmomCUev8VZptTPmuBHbQwx7weLsQCeXO9UbrLmtdQMu4wKI4lBr8OIkBKdj1TAYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
zHbmmCBU7JPG_r7SO9WnAF7ekSGwocZQ
cf-ray
69e03a1d79675c0e-FRA
x-amz-cf-id
8wpGmpOzAnVtLyJSVeRL9v39ED0_1gyvDtjUyWIibDp41Kxne34ZiA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
theme-overrides.min.css
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/theme-overrides.min.css
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd8266e7f23d37dac9361d9814e7b434102bded307d84cb74e8fdd204c3cb90

Request headers

:path
/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/theme-overrides.min.css
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1634170151289
date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 cb41e4c888d6077f0196a8e9993a2655.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
YVV9ZT4G7PD7JD1Q
x-amz-id-2
gXxEi+H7i/6s3YTBj/OVfpPB5cfF9irN+BqXo82/KvzYdvA0RLsjFHBrzvIDKOJXWNYlAodbsl0=
last-modified
Thu, 14 Oct 2021 00:09:12 GMT
server
cloudflare
etag
W/"25aa9d32086f0849404c3eb00698147d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJAc1eYJVpQzg2qxXO98Tx0Z3Lkme9qgOudYYD6a9ZL2M1ByrktS6Pj13KiRYp4SAcMwmC8UZSoTKXBu9N%2F7VJXPuYghlKa4l5S1bEL3Mds3CmZ24QuA89G7dMm6KDOXEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
h4FNNVSaRk37uStozl4xG5G_Qgd1_zWq
cf-ray
69e03a1d796a5c0e-FRA
x-amz-cf-id
Gq_FPtjiZW1rCscOIhvwNBPv9wNnKy9DRGK4j2wa-pEIkAuK0mOUOA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
module_49209869058_Image_Box.min.css
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/module_assets/49209869058/1624316761471/ 		179 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/module_assets/49209869058/1624316761471/module_49209869058_Image_Box.min.css
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e65960ad3a1ccba3a26e0c6bf0f7b130850fb127fb1ab751e7fc936b0fc45166

Request headers

:path
/hs-fs/hub/3887453/hub_generated/module_assets/49209869058/1624316761471/module_49209869058_Image_Box.min.css
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1624316761471
date
Thu, 14 Oct 2021 10:46:59 GMT
via
1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TVA7BWK5X3Y4V02Z
x-amz-id-2
36RL9OvuldmIrfs3Y9X10tfA2SQNMY64H1q3G9AjF81mVUhCkSmqO0hjAMKwUsIfYNRl65mjNfY=
last-modified
Mon, 21 Jun 2021 23:06:02 GMT
server
cloudflare
etag
W/"c063d237958414160863645fcd51ba64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOfwcu0dwFMgguXAy6oguMs60ch6WcfyLLdvmdTJ%2BWh9IbQ%2FkrpSN6QC8RhTUB%2FgBjjNuaeo4l9dU%2FKda1X8%2B6bsnBZo2O1y5s6ww763UecvDU85Ar81ESjvuPC472jhzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
LDJh06U6bBCFXSuVF3zNhlm2AsrnSG4Z
cf-ray
69e03a1d796c5c0e-FRA
x-amz-cf-id
Y-qQ7F0HYEVDPayTBngCj5aoTRzoGKME3YbSzhbE2MfXlDZkvwltKw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
module_49209540916_Testimonial_Module_1.min.css
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/module_assets/49209540916/1624480872733/ 		203 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/module_assets/49209540916/1624480872733/module_49209540916_Testimonial_Module_1.min.css
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4acf1920f3e883902ce5dc8c29a2d3ba106588f17d1c53ee4a6b90726f4d528

Request headers

:path
/hs-fs/hub/3887453/hub_generated/module_assets/49209540916/1624480872733/module_49209540916_Testimonial_Module_1.min.css
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1624480872733
date
Thu, 14 Oct 2021 10:46:59 GMT
via
1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TVA5F30953MQPFPJ
x-amz-id-2
B6rYQa3oJPcwnxY4zp7ypsuXzPvY2o6xlBUEYL+qIx+SIhS0TuhCzypbWVupK939WT3GMQoMWBs=
last-modified
Wed, 23 Jun 2021 20:41:13 GMT
server
cloudflare
etag
W/"ef268ccd8065bdcce1b2bc547edfeecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnCze%2Bk%2FoEQasepey%2Bos87IO3bPpmI01SdQyLXD6yXMtOig41Exfj%2BAe4OG868IEfUPwS6C3qgkJGqC%2FIXpMbRKDMQAxev258jTpAw6zIuYGDaCEvto3INrqDIc0uSCTkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
bk9FVm8SS8b1yb3JbcopesB78jW.g1kz
cf-ray
69e03a1d796e5c0e-FRA
x-amz-cf-id
fmA4wt4Bvx0c2YonK5pCIcaw2AKN_rZ5mvDvC9k_nVxIfplZMPkxdA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:regular,300,700,800&display=swap
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
368266073cedabe79acc9adde37bf60aeb37841d4c47f66535ec99a33023a7c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 10:46:59 GMT
server
ESF
date
Thu, 14 Oct 2021 10:46:59 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 10:46:59 GMT
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3006150
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19174-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69e03a1d98f42b1a-FRA
slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		3 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3006142
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19147-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69e03a1d98f52b1a-FRA
ShiftLeft_PrimaryLogo_RGB_TwoColor.png
go.shiftleft.io/hs-fs/hubfs/Logos/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.shiftleft.io/hs-fs/hubfs/Logos/ShiftLeft_PrimaryLogo_RGB_TwoColor.png?width=1608&name=ShiftLeft_PrimaryLogo_RGB_TwoColor.png
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c68e2d8359b48ac128ccde0ef800c269bae8512ebcdee9d295924b48f5128a3

Request headers

:path
/hs-fs/hubfs/Logos/ShiftLeft_PrimaryLogo_RGB_TwoColor.png?width=1608&name=ShiftLeft_PrimaryLogo_RGB_TwoColor.png
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1629326197328
date
Thu, 14 Oct 2021 10:47:01 GMT
via
1.1 c6b0d1d85b2590c57ac754bf9e61944f.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
69e03a226c135c0e-FRA
edge-cache-tag
F-53182202765,FD-53182202730,P-3887453,FLS-ALL
x-amz-meta-index-tag
none
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20153
last-modified
Wed, 18 Aug 2021 22:38:08 GMT
server
cloudflare
etag
"1e38c8577e7ce2c0f4cc00a9c9618e3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6j2q%2Fn9XYtDi5AZagwpCCnGYReWL6RWD4MdjYT9dsIo2ctr2SXJ8ZCsADyRyj11I5i0IwhOGWWV7NmQV3Me8O9wcI72Iz289thgl6GSmRD%2FFHvzyaKNsOXTuGHpDOvwlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
NCipIKgKwBBZ7CZ9BTXHlVpQvYfEhLKlAQTHnxmMUK2Gj_EYTaOXsQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
c7e8cae4-eee8-41ea-a94a-38eb11dab76c.png
no-cache.hubspot.com/cta/default/3887453/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/3887453/c7e8cae4-eee8-41ea-a94a-38eb11dab76c.png
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac5790a8fe27424696e7443d926f47bfe86562c4c0239da8cc506012cf9286e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CN4AD7QYG0J0VHCR
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2839
x-amz-id-2
6jZilIRrSU7ZQdDj6LTyytvYbh2PhmWtoOB+Evj8l3Djrh3oQFmO87wsSgBBT8a0V+UF5Aivw/s=
last-modified
Wed, 14 Jul 2021 21:22:41 GMT
server
cloudflare
etag
"6f2a2fd5c2b846c42cf1179f3f756ca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jWhbzLohKnjytRgB8hXtOxzA43Vb0PazU0u0%2BsmbbTML2%2BUOg6PmPA4AIMQJ1Z362LsV%2BkTfnK8Z%2Bqargxt7SVbeP9J3Aj3%2FXlqY75R9CAGIQyflFwLAmar4bX9ML21NXtED5jK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
69e03a229ced4e50-FRA
current.js
go.shiftleft.io/hs/cta/cta/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/cta/current.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40a41723def70b4af303c98a8269de407ed39586596106e16c9e0be01942d72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/cta/current.js
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 156336391961f724345f6534c674b6eb.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.58/bundles/current.js&cfRay=69e02b8df33505b7-IAD
x-cache
Hit from cloudfront
set-cookie
__cf_bm=4X64iOqtBA1WTiDdnrjQ5Y53Iu_4GM8Ayd.UCEU3GZE-1634208420-0-AU8a+7WpAs5y+YEnClaSVgSV8HaKYlGBbZ8hC3eIRNZaJUIu2RUnzyopbszxbs4lty2qU9mB15+Q6wxYpY0k3Y4=; path=/; expires=Thu, 14-Oct-21 11:17:00 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-ray
69e03a21daf05c0e-FRA
last-modified
Tue, 12 Oct 2021 02:01:47 UTC
server
cloudflare
etag
W/"a8a49c7978076612823c74a68af6ddd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeJ2AOd93Z%2FK%2BgShjM%2BPTJz4vFZICkP2dPaSTfZ%2FDE0fmTXixjygBdhAeuskFydi%2BHxWQV3D4PmqplRcEFAzXRXce2eWuqsqKQ6eVOMPf7dQLJu7z6bHIthVfrGn6QQ6hg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
bIX34_Z7jbBTKmCHOiEuDTn.zv2_JoZI
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
iZQKFuK-kK_nYXnzMakY9xgAOh5z0y_0DKZads0BTrZmTS8_jgui-g==
x-hs-target-asset
cta-embed-js/static-1.58/bundles/current.js
a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0.png
no-cache.hubspot.com/cta/default/3887453/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/3887453/a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0.png
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb26daaca8ed734e3586c3365df9a258cab8eabe1f281f4ff244f492f11fa36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CN47N55R8J3H1KR9
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2140
x-amz-id-2
wB9k2hiVDpUaElPHUpfvlA67vqoGFSUfgq4FbLOO5IuauVrHRkpNajI/zLD2FDQpiwAwLGhNh3s=
last-modified
Thu, 15 Jul 2021 16:26:42 GMT
server
cloudflare
etag
"a9535089bffcab0c828f059969e2f80d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipn5rYR9pRUQ8%2BvtwH47qlpfw23TWAIdUYGeLZJxZpd53f9wnasOUGN%2B0y06Jxx5Ls1V3vC%2BhLWVYZfnMmCQqcJbrOutjwWRbdZOpGUazy9YyygyqF0%2Bpf25DirYhzsr9odfsqVX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
69e03a229cf24e50-FRA
xstream-gradient2.png
go.shiftleft.io/hubfs/ 		91 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.shiftleft.io/hubfs/xstream-gradient2.png
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea12d2fc4d003d697b920166661f3c6d7db15f30135fe367168170712180427

Request headers

:path
/hubfs/xstream-gradient2.png
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-50509473652,P-3887453,FLS-ALL
x-amz-request-id
CN434S273EFTZM10
x-amz-server-side-encryption
AES256
edge-cache-tag
F-50509473652,P-3887453,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
etag
"0d8bade45bc1367d421a0f3095d37317"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1625860084484
date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
93464
x-amz-id-2
rt4TaklrmTlKKakxr9IJIf91a3p0YyQN1O57ELOSdNdBFBDH12O/0MnTEKBngck5FvmNhzRLERs=
last-modified
Fri, 09 Jul 2021 19:48:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjRWzCIEudGRdrbrfuIze8quFECgNE3F%2BYgRlXHF%2FzMjId7pWyo15hya6CZiklVq1ZoY4wDWl1LCHhhAvOpvcfuoLW4OPEi51S3zKDDuek6RrrP6YGtD1mJ0sJEtL5orsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
fyaIfYxVAfYSxPp1Usq28ai7gQUf2d6r
accept-ranges
bytes
cf-ray
69e03a226c1a5c0e-FRA
x-amz-cf-id
nXKECUeBAMkKEXzakkOsYT8nvIClpgif2f_PwLmLYXMgYBI2SlB8bA==
a5afdb02-9541-4ffe-9084-e5ed79114f57.png
no-cache.hubspot.com/cta/default/3887453/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/3887453/a5afdb02-9541-4ffe-9084-e5ed79114f57.png
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b76b1c33967b6c2373a3039e6e29d4ea001ef425f88dc412f6594c187d6186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CN4BVPY2XQA4NDSN
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1967
x-amz-id-2
cL3QT20xaAuZyZvz8PmgQMql4lQAz+PQopWdiiBSsBgi0E4NP5P8fTzd2FvFk1+a9R73p8afCBE=
last-modified
Tue, 13 Jul 2021 20:57:14 GMT
server
cloudflare
etag
"34923b9e92e29ad88764fa9b01283cd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jW8xvIqjwrc5GCo0Ia2eq4wNtlu2ZHgBDadW%2BaLZ5jMonkOI25QYnYxjD48me5c%2BICO5h5umz4QuHRvS4XXLraW0NhP6PacKOCpxi2hytxLOMcDlZ9xFF%2BmQAEBI9v7Bj5A3U2Q8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
69e03a229cf34e50-FRA
main.min.js
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49208953646/1634170157182/Studio-Canvas-Clone/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49208953646/1634170157182/Studio-Canvas-Clone/js/main.min.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1631b2fe546278d4aa21edf21808efb4af78fe9aae87391bf41c2abf7b2b249

Request headers

:path
/hs-fs/hub/3887453/hub_generated/template_assets/49208953646/1634170157182/Studio-Canvas-Clone/js/main.min.js
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1634170157430
date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 c9bc0840da506c3f9fd4715a063463a7.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
SRZB9WJEPHVMF4JW
x-amz-id-2
X8NMe6exgNukl7Nk5/knTg+D26+0+r/TIfzXYrdcjZMLbYEM3tWisyB2Rlzq4evXg5163o5lpZA=
last-modified
Thu, 14 Oct 2021 00:09:18 GMT
server
cloudflare
etag
W/"76dc6fde45530a01f9721234343ddc48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liWctYq9ZZFSXjHBUlgX86eVIQ1Q2XeX7Cu3nrncfhbVTfRqlGeJQmfIRhE9b9GuCV6fNcN%2B3GrUvczpTEkDAfVaDkcVyqm5ny0Mub91HsyibZasCMid8SBhRU%2Btzn4ruA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
nmoM24J0dCWm8xIz3i7BBurwb8TH_6MN
cf-ray
69e03a223ba45c0e-FRA
x-amz-cf-id
-R4YTE71M7gXc0OHj1g5B41vqu61hUzTX5SxnZxT8p9Fb_62505daQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
jquery-3_5_1_min.min.js
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49208953647/1634170156328/Studio-Canvas-Clone/js/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49208953647/1634170156328/Studio-Canvas-Clone/js/jquery-3_5_1_min.min.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1579053f7798c480748c7a0880bcaad947aba2a908007eab8b39a6a66087af82

Request headers

:path
/hs-fs/hub/3887453/hub_generated/template_assets/49208953647/1634170156328/Studio-Canvas-Clone/js/jquery-3_5_1_min.min.js
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1634170157688
date
Thu, 14 Oct 2021 10:47:01 GMT
via
1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
SRZAY4T3GX0A3T45
x-amz-id-2
BERGMvHnmTxfY7jL0Y77h7A4P+NsmnnyozV2WwtY+Okit8oouwLMFtVRSYIWb7TF57wl9PETD9k=
last-modified
Thu, 14 Oct 2021 00:09:18 GMT
server
cloudflare
etag
W/"ae58ea4d0db888de5423fe16ef046994"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KArfma4SoyAkEsRLyxVtKhhzK1rwgM%2B0JaxBrJCtPusmJQRvZGFT8Tdq%2B1ImSl%2FYBm%2BJHJREMK%2BJOQFPt5qqkt6oudGJ9wUwtO7jH%2FCILH57cWe9pc48oo4P8GcsMAPJeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
CEWTLO22VoPgx5vNBJWD_x1AyPIDMkSX
cf-ray
69e03a225be95c0e-FRA
x-amz-cf-id
3BDrDE6HDaBvPUXkXwavxj3TpXpDRoLTXBtixMN_-N0AUyF4Je9LMQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
module_49209540916_Testimonial_Module_1.min.js
go.shiftleft.io/hs-fs/hub/3887453/hub_generated/module_assets/49209540916/1624480872630/ 		489 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/module_assets/49209540916/1624480872630/module_49209540916_Testimonial_Module_1.min.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a2539666bd703eb80ab21fa09b090a23f06573ea48b823c0f5d22bc9c70662

Request headers

:path
/hs-fs/hub/3887453/hub_generated/module_assets/49209540916/1624480872630/module_49209540916_Testimonial_Module_1.min.js
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1624480872630
date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 b5e757a7da6f6fe6261f56a8a9646881.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CN4ED6CJAMC1A1QD
x-amz-id-2
0MuXjR2rvmz6CPVOBxs76AF9/TB8AEfQZSEf4hRXJYtqq4aOg3gnhwLJaUoBdkplM9C+oUUmLpA=
last-modified
Wed, 23 Jun 2021 20:41:13 GMT
server
cloudflare
etag
W/"ecd258b10fc56905089722f0baff5208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfRkktOApK3bgL%2FAuvk1Dna9XUMUFowhidoFbagUg8Q4bj8GfvDncwbXIzUFlQeAKAqDybyc%2Bk%2FDcp%2Bo3QmkbowReoZmHDAikTwoEmbGpS%2F6VYwsoLzIAelG9n6TohaVXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
7970FxaWDhKdNLFpUVxAs8jua8XUb.tY
cf-ray
69e03a226bfe5c0e-FRA
x-amz-cf-id
1Y83LHjoZYxrdtNVGzyAX8ZZIkCoaVFncKYnoJsgSO9g6P_kOgVSAg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
3887453.js
go.shiftleft.io/hs/scriptloader/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/scriptloader/3887453.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d2a94092b9a30abb0156829e8a67b51848230b4c01fe30d4960fcf0ef38c85

Request headers

:path
/hs/scriptloader/3887453.js
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9ef5885c-033e-424b-bfad-07020e8f405c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2BA34201513449FE7488A790250F7E46395EC66F2B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6rm8A4hFRbppDIYUOiGEyZ%2BWZtNlOPTzKJ%2B6UIcm3AHSVid8KG9zHm0SL98949G5%2BpEKV%2F9ORurnaflhEPk5cgTHEG6UrzX3Rab9Kn2LwQWHgWuojlDrBiwPDK5v2ojxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
69e03a226c205c0e-FRA
expires
Thu, 14 Oct 2021 10:48:00 GMT
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Origin
https://go.shiftleft.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1264682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9033
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-a3e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt5%2FEAUgasGh6%2FDjzZgMna4gsJxhCFES2iGDgadFJUQa9mYgZAOYiPq9DiQZfc4RTkW9yLOSqvYxjNN7h4l1YA8qFgSosjE4ARKvW%2BYUYN1xgfZosoN0vuYRt%2B6HNp94Nt6oS2Dd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69e03a228c172c36-FRA
expires
Tue, 04 Oct 2022 10:47:00 GMT
jquery.modal.js
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da8e0092596694fce832478a4fb972e2a705d315a2f058a1e8cfe04b37ccfc1d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2706080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1927
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-1ee3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BN0Qh5E%2BSLYf2xKwBT0PW08Mu1RThKTqE4lYOkvgK0uZtqLWTT90sXaXciFuljk2bZ6HSwvNdVzam61d9mrXhuHA1OsgLeE2ImbqE8vTD%2FKwq%2BinquTIbjOKYRDudmYtyCRuy4W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69e03a228c2e698f-FRA
expires
Tue, 04 Oct 2022 10:47:00 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/ 		86 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1b3a12409a5f58e3789ee16c7819e1f9fed2e68453a2cc5700408110a444e36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
XDdaHHDS.ImgAzE9G2wVudgtHyu7QHme
content-encoding
br
etag
W/"cc4322a8a45fd6cd975c61079b65c401"
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Sat, 28 Aug 2021 07:20:47 GMT
server
AmazonS3
date
Thu, 14 Oct 2021 10:47:01 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
AIG5aaf6Cgtnq6IOdGDC21vLVV8GpnDT241NOuFC4KEWwXGF_8s_FA==
sf14g.js
t.sf14g.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sf14g.com/sf14g.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.169.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-169-209.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		170 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZKPNLJ
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f80dd5462743bfbd2803c6062db35acc51d6db0a8e0f52bd453868dc04e3e5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62081
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 10:47:00 GMT
SuisseIntl-Black.woff
fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/ 		86 KB
87 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/SuisseIntl-Black.woff
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/theme-overrides.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.192.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96a5652b510de9ce953b791de4a46fbd011c8156f914b7eec24f1250036c786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.shiftleft.io/
Origin
https://go.shiftleft.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-meta-cache-tag
F-49856894377,FD-49857216657,P-3887453,FLS-ALL
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
69e03a229d064a80-FRA
edge-cache-tag
F-49856894377,FD-49857216657,P-3887453,FLS-ALL
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
TKPY3Z39SVTP90FV
x-amz-id-2
y9vM132EvoMk9Lj6IRqWVPCrOJHLCBEwIhZgN1EvcOReq1hET82bRjAbSuEzNbLz25ZV/6+hRpc=
last-modified
Wed, 30 Jun 2021 07:25:57 GMT
server
cloudflare
etag
W/"e25248a5c0fc1ef85d82c306312fd2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-meta-created-unix-time-millis
1625037956813
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
UytWSiyaqkkFlFacqDREMaCNEQ03RSUi
x-robots-tag
all
x-amz-cf-id
oHuKzi8ApQEDVuozhNlR2BErG4Ii0rYl_14VjAb8Q0ROLAawDLl-xA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
SuisseIntl-Light.woff
fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/SuisseIntl-Light.woff
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/theme-overrides.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.192.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aeba20a3cbf342f6ff788dd1dddede9969fdfcc5f02615e79353308fca6a48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.shiftleft.io/
Origin
https://go.shiftleft.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Thu, 14 Oct 2021 10:47:01 GMT
via
1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-meta-cache-tag
F-49857278295,FD-49857216657,P-3887453,FLS-ALL
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
69e03a229d084a80-FRA
edge-cache-tag
F-49857278295,FD-49857216657,P-3887453,FLS-ALL
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
TKPPYSZD7P673R9X
x-amz-id-2
Abzw0rfdvIkmbACUEDZCZP8Qed+cUeQJBPLnystuwtN5JxNOs24tiGExA2D2/sy3s+QrliDet90=
last-modified
Wed, 30 Jun 2021 07:25:57 GMT
server
cloudflare
etag
W/"03a5a2686bac3d66bdd4d20c223c2e6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-meta-created-unix-time-millis
1625037956622
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
LXznkzfuKlJ03qOEqyaqSuztc3n_FviR
x-robots-tag
all
x-amz-cf-id
W87qxuC0J1JqbzBc8JoGMEUJipbwSYVsyrezpv8_3Kw3TgdUOzWJMQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
caspar-camille-rubin-fPkvU7RDmCo-unsplash.jpg
go.shiftleft.io/hubfs/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.shiftleft.io/hubfs/caspar-camille-rubin-fPkvU7RDmCo-unsplash.jpg
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf23a58c6f6775ecea9011b10b60f00283bf379fd031a0fc1809f4a2fcdc42fd

Request headers

:path
/hubfs/caspar-camille-rubin-fPkvU7RDmCo-unsplash.jpg
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-50357886381,P-3887453,FLS-ALL
x-amz-request-id
CN463AFQP8Y5BSKQ
x-amz-server-side-encryption
AES256
edge-cache-tag
F-50357886381,P-3887453,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
etag
"3dc555f92b6aefd95ba78cbcb5871da8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1625689077464
date
Thu, 14 Oct 2021 10:47:01 GMT
via
1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1608642
x-amz-id-2
X78yR/L56qvyE+xaje8ior9K0isBVlFtqsNrttZVJ1HgSit13bq69oh2UQPykMWxHJuvF+I+sJ4=
last-modified
Wed, 07 Jul 2021 20:18:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyCUfH%2FibnCUe72bbYQsvYJi5%2FcSdvKRfiNFF%2B7P1DTX9oAya5A0fw9wdSaiDWR1cQ2ZVO77vlN1tFSpfOWem9wvfwyYBihqbchHaDlpO8quKB%2BTLzn%2FNMlW73MsILdljw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
kEwrlEz1dnB.iJe.JmzBuc6ZXJNvr.WC
accept-ranges
bytes
cf-ray
69e03a227c4c5c0e-FRA
x-amz-cf-id
zKKPBKWYAD156Sc6bgszxiHJH3kYt8mcJcIPOoHIbXt4QUcKJaSK2w==
SuisseIntl-Regular.woff
fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/ 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/SuisseIntl-Regular.woff
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/theme-overrides.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.192.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4d41814a38bee65ae2f79930dd09a368e792d70716f8677e8d8ac28a9363c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.shiftleft.io/
Origin
https://go.shiftleft.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Thu, 14 Oct 2021 10:47:01 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-meta-cache-tag
F-49857278296,FD-49857216657,P-3887453,FLS-ALL
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
69e03a229d0a4a80-FRA
edge-cache-tag
F-49857278296,FD-49857216657,P-3887453,FLS-ALL
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
TKPZVG1KX25BN1EP
x-amz-id-2
5LLFzjDqTmgMvu48kkLXhSL7lL1cd3Bxf5ScCGaw9ouCbLbUuWL1nau0vmndnFHyju17131G9LY=
last-modified
Wed, 30 Jun 2021 07:25:57 GMT
server
cloudflare
etag
W/"557e619c44cc00a08187da77cf8bce19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-meta-created-unix-time-millis
1625037956686
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
3NeFeRixUJAk0zXV_tLoLtKoO1Katn4V
x-robots-tag
all
x-amz-cf-id
n9fmA2m79KIGSkb0V0xE2HurQNkLWh49OoHjlJGrm48Bj4XrSJWBgA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
SuisseIntl-Bold.woff
fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fs.hubspotusercontent00.net/hubfs/3887453/2021/fonts/SuisseIntl-Bold.woff
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs-fs/hub/3887453/hub_generated/template_assets/49209481538/1634170151215/Studio-Canvas-Clone/css/css/theme-overrides.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.192.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8596898c012b01f87c84d29aefac8708808dea09844f2adf6ff9d91e26403482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://go.shiftleft.io/
Origin
https://go.shiftleft.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Thu, 14 Oct 2021 10:47:01 GMT
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-meta-cache-tag
F-49857378878,FD-49857216657,P-3887453,FLS-ALL
x-amz-cf-pop
FRA56-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
69e03a229d0b4a80-FRA
edge-cache-tag
F-49857378878,FD-49857216657,P-3887453,FLS-ALL
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
CN4C5BT7RJR60P3N
x-amz-id-2
BLj4RTvy6D3lN2V3KgPR1bd4gWNWmp+m+945WncLLY+nEt9Tz6G+YKZM7nYUDJZrP/JF1ByPFXA=
last-modified
Wed, 30 Jun 2021 07:25:57 GMT
server
cloudflare
etag
W/"b86ce5f5af102483400995ccdf570ae1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-meta-created-unix-time-millis
1625037956799
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
ExVw24OGdv9bOxZmKBKR4GGQPl4_oxko
x-robots-tag
all
x-amz-cf-id
8TjT5usPDYRh5cgx55F3rRFBvqYqAtwnEf_5nqXhuc5HQ2P3BQrvAA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
Angi_thumbnail.png
go.shiftleft.io/hs-fs/hubfs/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.shiftleft.io/hs-fs/hubfs/Angi_thumbnail.png?width=84&name=Angi_thumbnail.png
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac32d93d574fed12ff1d222d4160c3068437f4f520ff4d6d7eb8ba71d188337

Request headers

:path
/hs-fs/hubfs/Angi_thumbnail.png?width=84&name=Angi_thumbnail.png
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 7fc4d53a17d950b206cd9fccf1108b8b.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-50359899734,P-3887453,FLS-ALL
x-amz-replication-status
COMPLETED
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2412
last-modified
Wed, 06 Oct 2021 21:19:32 GMT
server
cloudflare
etag
"d8132a1ba2e3465685d960bd459ceb76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjEhdWS8rC8gLrABrm06UqLs1NEtZ8GJ7Ppk5AlPL7NgRz8crrNSg6XLG1jmlqr1OqOy%2BAeXq4gd7d%2FMzaTnZ1%2BxKRPU7jmxWydGMdQar%2B4SzXQjOQHcBhzcx5vI11RcyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
69e03a229c805c0e-FRA
x-amz-cf-id
U-YbspMPZsQ-YNCwOutH3Pky9GHsUhZykZy8WvOKkZvuZXz2oDxWEg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
pixel.js
www.redditstatic.com/ads/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZKPNLJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 14 Jul 2021 17:50:00 GMT
server
snooserv
etag
"912f60c72fda50b2f21068c65115175d"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
7018
3887453.js
js.hs-scripts.com/ 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/3887453.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZKPNLJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.213.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6c354b3765d8882f2a686316665cde54501f998665a20902825637fd6490b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
0
cf-polished
origSize=1476
x-hubspot-correlation-id
9ef5885c-033e-424b-bfad-07020e8f405c
cf-bgj
minify
server
cloudflare
x-trace
2BA34201513449FE7488A790250F7E46395EC66F2B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
69e03a236d5c16ea-FRA
expires
Thu, 14 Oct 2021 10:48:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 10:47:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=58593
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-BB
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000068-IAD, cache-hhn11560-HHN
lt-v3.js
lltrck.com/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lltrck.com/scripts/lt-v3.js?llid=31200
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.169.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-169-209.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
hotjar-520783.js
static.hotjar.com/c/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-520783.js?sv=6
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-29.fra50.r.cloudfront.net
Software
/
Resource Hash
774864cdc417c87b68a1603df11ed3df72562d9e75cf932ac0ab36805caa6e3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/4b42ba4fadf0c6273dbfa52f57ff6f01
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
PTXtWQdz89Hal570sDjYlvnApwKr8QmbL8M7DHCfzZpTiP1CTm2_8Q==
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
roundtrip.js
s.adroll.com/j/AOZOTCADF5C63CDNNBAJD2/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/AOZOTCADF5C63CDNNBAJD2/roundtrip.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48a1b9aab2bc8c45341d83503f620a5315dc0d3a15e2a6b75db5bf908bbe6a79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
xsILHZBMF6ISdkmu_Rg1Vy8CdsUKbEsj
Content-Encoding
gzip
Etag
W/"b437e7679eaff48f63062f83d1443a2c"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 12 Oct 2021 11:47:29 GMT
Server
AmazonS3
Date
Thu, 14 Oct 2021 10:47:01 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
nbgnMPt3AiVUzgmESdYd_mye8ZpTLB00F77xhLvk6c6oPw1CRzIGtQ==
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1634208420392&id=t2_84a0apwm&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2716620&time=1634208420400&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%2...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2716620%26time%3D1634208420400%26url%3Dhttps%253A%252F%252Fgo.shiftleft.io%252Fxs...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2716620&time=1634208420400&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%2...
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2716620&time=1634208420400&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&liSync=true
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.85 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-85.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
O9TkgebfrRYQfYY/eSsAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXOTcxpGK+f19TroTyRZw==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A75FA6403CDC4C89BBD39D6B71ED1159 Ref B: PRG01EDGE1022 Ref C: 2021-10-14T10:47:00Z
date
Thu, 14 Oct 2021 10:47:00 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2716620&time=1634208420400&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3887453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.112.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3580f6192b07e6adf20bee13a293fa896d94bfa1a6ae178a1dc2c0cdfdddee10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
via
1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
18
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.249/bundles/pixels-release.js&cfRay=69e039b12a9b4e8b-FRA
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Wed, 15 Sep 2021 03:28:21 UTC
server
cloudflare
etag
W/"017aa1ba42249a33ae8828d1b3419e60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Z6tNN4l67.OGsYaj9b4D5V0rrFjuYW3s
cache-control
max-age=600
x-hs-cache-status
EXPIRED
x-amz-cf-pop
IAD89-C3
cf-ray
69e03a23b8f605cc-FRA
x-amz-cf-id
RpoUZJd8luf1yyMxYRjTdYlVhNfLlBsleHVpJRaCHdm1Q7CCwA90mA==
x-hs-target-asset
adsscriptloaderstatic/static-1.249/bundles/pixels-release.js
3887453.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/3887453.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3887453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0172b5c7622f53811d0278522d26a9d9b9bb303cb78bd2d1a13599c1e8fa7e6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
QGC7PRREYNPME6Z4
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
S6UHmPO9pNbGOMeiMCNQZvR/AUmoCeaRCpCw9Lb7hcCsp5VZt2cMKuTGDjElCj/HgDsZ3uQecfI=
timing-allow-origin
*
last-modified
Mon, 27 Sep 2021 18:23:06 GMT
server
cloudflare
etag
W/"55cd0be264584935436bf7cecd839716"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
lPan6ftQRm3RWswy7Bk9wUh.ZWc_6UMk
access-control-allow-origin
https://www.shiftleft.io
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
69e03a23aaab4abc-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 14 Oct 2021 10:52:00 GMT
3887453.js
js.hs-analytics.net/analytics/1634208300000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1634208300000/3887453.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3887453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c4e6153ca03a1c90a7b74444690c8f5af51fd2478275e595eeecb4d3c34320

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
CN4EMW48H81G0TNC
x-amz-server-side-encryption
AES256
cf-ray
69e03a23bdae4e80-FRA
x-amz-id-2
OErD0kO0vWAEYE7tnK+mqHfLrML+VivSDzCQ2gWFCT/cHxRIQ8t0SGnlizNst4eUr84bEJ0P2DQ=
last-modified
Tue, 12 Oct 2021 22:41:41 GMT
server
cloudflare
etag
W/"947fc396b2f8f21d98494a157b1009cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 14 Oct 2021 10:52:00 GMT
modules.da93b7ce7275a1de2dc8.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.da93b7ce7275a1de2dc8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-520783.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-39.fra50.r.cloudfront.net
Software
/
Resource Hash
4040b28aabc1749a3350c141fdd0c3306f3590a3046503433532881ac764a70a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 08:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
96055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59677
access-control-allow-origin
*
last-modified
Wed, 13 Oct 2021 08:05:10 GMT
etag
"6be8737e564a5ca64d704bb3d3b71047"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
HUKZ344-xAhGYEsFNTUmvYJUwySSE1a1cMWZMmvl3KpsMQL6JR5rtQ==
adsct
t.co/i/ 		43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4daf26e8-0816-49be-a7a7-c8f0cc5a7df9&tw_document_href=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 14 Oct 2021 10:47:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5adb030a02086ecbeaa296d5a2fbf8152898e94d79e9e06f108a406b906fe6d9
x-transaction
f112220344d1ba91
expires
Tue, 31 Mar 1981 05:00:00 GMT
settings
cdn.segment.com/v1/projects/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af72f2d0cef4b1e683d81a872f7e9f2e6b6207ff5a7cd8105e9cdb7da47f59d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
FzkjVk7UgIj24i.D5byYkQbSEGgo.A7g
content-encoding
gzip
etag
W/"755bcbc72e49dbad4f9c536c38181072"
age
2847
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 18:47:13 GMT
server
AmazonS3
date
Thu, 14 Oct 2021 09:59:34 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=10800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zvlTRsYn2oPyI9ePIJR7dcPMNa3EQSuz4NJRpdLA2IsNNwouV_sqAQ==
130.bundle.4658d09930a38c10c8b6.js
cdn.segment.com/analytics-next/bundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/130.bundle.4658d09930a38c10c8b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ad1c920d36b3551a4184b5497087355e89ba42a35a7f5185cd0f65cdc26ccfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:12:24 GMT
content-encoding
br
vary
Accept-Encoding
age
5060078
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 16 Aug 2021 21:09:22 GMT
server
AmazonS3
etag
W/"1b09f8230210d186ae274e7f5668f933"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
EyGtog2ZHhgOh9wPkdYgzAWMYYDki75T
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
tkmJKbNToYGmbxeVslt7eGMl_34UtxW6RWPm7t2HskZhqKKmf3wA1A==
ajs-destination.bundle.5c4dc5a893f01d22d9bb.js
cdn.segment.com/analytics-next/bundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.5c4dc5a893f01d22d9bb.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01f42218fd8653a91a8b43c6684e9bbfad81618ed359e5b5154b181f85120865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 08:14:32 GMT
content-encoding
br
vary
Accept-Encoding
age
873150
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Sep 2021 20:45:51 GMT
server
AmazonS3
etag
W/"0a20d76fd1575156dd469cfd0cb00105"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
zM5rgEmynGb9cZf1Li_LtqtVgtcd6CeT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
vq6NUNAcqctr7qgiEfUy4Ga6ClRqUyDn_gtKDO2DzDWasAhYbvBeug==
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
421b1800e7b45151cbc1c0ddedb6fd783c0330cd295d3386cb2fdff8707c1573

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 09:39:41 GMT
content-encoding
gzip
age
608841
x-cache
Hit from cloudfront
content-length
4747
access-control-allow-origin
*
last-modified
Tue, 05 Oct 2021 19:25:45 GMT
server
AmazonS3
etag
"af268d6bb7fc679bcc741cd09538b42d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
629BtzHYL7fiyQKoBeIIq.U84_3bWsO8
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
sbEWpdu5r-zNw1PC_vYMiHX9fDLoI6pg_32Lyta7OCR1yiL6gp1Xgg==
hotjar.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/hotjar/1.3.2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/hotjar/1.3.2/hotjar.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d42e3c428f1422c65d407da359b81c3cebf11753c0904af02e73c1afbe92d16e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 08:35:08 GMT
content-encoding
gzip
age
94314
x-cache
Hit from cloudfront
content-length
1343
access-control-allow-origin
*
last-modified
Tue, 12 Oct 2021 23:21:30 GMT
server
AmazonS3
etag
"b92e2362e4114fa67e843e95f39fee40"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
muxGaTvRPYCJuN81zXpemTjeQStktaDd
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tt-kwf18PQfagjYvauz239dzMs0QeDf69-GqYxJXBagNEmx9d4XaKA==
bugsnag.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/bugsnag/2.1.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/bugsnag/2.1.1/bugsnag.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37a87d1097aecc93209f6c9ae8cf982e27e72d51304ff701fabd94f0302aa044

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 00:01:20 GMT
content-encoding
gzip
age
8333142
x-cache
Hit from cloudfront
content-length
1167
access-control-allow-origin
*
last-modified
Fri, 09 Jul 2021 19:25:22 GMT
server
AmazonS3
etag
"d5297c7b382e04ad9b70d7a64255e6bd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Oy1AvUHwRi85uRqyAiLbsCn1ck6hLSBT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
DC4Ph8zBAZdPqcYBlOSxrOH5Pq37b8rlSLnI1AoIhXZk_cJKrE2i8Q==
hubspot.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/hubspot/2.2.3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/hubspot/2.2.3/hubspot.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b35ea131b4a879e1c6724056a858856522811a3268a1a96e0883f64fd406d85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 08:29:23 GMT
content-encoding
gzip
age
6315459
x-cache
Hit from cloudfront
content-length
1505
access-control-allow-origin
*
last-modified
Thu, 15 Jul 2021 17:39:17 GMT
server
AmazonS3
etag
"1ce286184eb2d098c4a08a161a0e2346"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
UOZDYUFOtjYfcNxCTXV1jJ8ESKa6Gv5L
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
dw92e_PKhQgnl9kS-QyDPqQ93JE6ic5O3xyxHjrWjQiRH7bj-LLNyg==
google-tag-manager.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b13a1a4e8af2d311b90f19a03c492a5bb951f43d82e5ba22b07e0ffa7db6d937

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 09:39:41 GMT
content-encoding
gzip
age
608841
x-cache
Hit from cloudfront
content-length
1346
access-control-allow-origin
*
last-modified
Tue, 05 Oct 2021 19:25:45 GMT
server
AmazonS3
etag
"639f3175da01a07819bb89783e598341"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Q7ruQhIntxCTZs6T6G5dfijOtla0NQnj
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
v32lS-9lwt8UHQEZHhYs26gDjCHyLhZVaQd9r1doWPhQk55PEUcNZg==
commons.dddbd6a06577f22e5c7f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ad7b91941f455bd1260b2d44ab9de7b3cfc1fff40fb56c4798afef02d8d012e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 15:25:01 GMT
content-encoding
gzip
age
5858521
x-cache
Hit from cloudfront
content-length
22055
access-control-allow-origin
*
last-modified
Mon, 02 Aug 2021 21:35:35 GMT
server
AmazonS3
etag
"a58c4402066684684bff5837e7b5fe12"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
zkm5nKHdYX074QnkKX8hTl4BnbVqYwQ1
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
66x2tjKDJi4b9UJVS2MKw74YUHenfJbIloof_lcw-e0J4ch2SuJuxw==
commons.3495c86769f191d6894f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:50:32 GMT
content-encoding
gzip
age
3034589
x-cache
Hit from cloudfront
content-length
22175
access-control-allow-origin
*
last-modified
Thu, 26 Aug 2021 21:35:44 GMT
server
AmazonS3
etag
"97bdd3686696ee0e0f60bfaaa6b5693b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
ycGBqmRQJe7ubt596zlSYLfgMdBxARsQ
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lAQLUtqbxveqj70Da7eS1SJbuIPPsTXVYbguP9i2KPyFiRbMqROcxw==
3887453.js
js.hs-analytics.net/analytics/1634208600000/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1634208600000/3887453.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c4e6153ca03a1c90a7b74444690c8f5af51fd2478275e595eeecb4d3c34320

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
PD613W9Y48KHVCJZ
x-amz-server-side-encryption
AES256
cf-ray
69e03a279c374e80-FRA
x-amz-id-2
aRohbucAnA9MkvssEGo+a6L37hOHyfMTvvUoQ0/biDGULUDk8whSp/Q0uRKx3lr7oeQWNjzLPCQ=
last-modified
Tue, 12 Oct 2021 22:41:41 GMT
server
cloudflare
etag
W/"947fc396b2f8f21d98494a157b1009cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 14 Oct 2021 10:52:01 GMT
bugsnag-3.min.js
d2wy8f7a9ursnm.cloudfront.net/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-3.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.dddbd6a06577f22e5c7f.js.gz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-121.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02bfc0792607137745f4a91a7569037afef83eee2dde83866962522e71f81309

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 07:57:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Fri, 01 Dec 2017 10:02:01 GMT
Server
AmazonS3
Age
10191
ETag
"c9eb5e1a021aed97ea4ae916d2c1e26a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
5288
X-Amz-Cf-Id
_ZnLOSrg5n_qxTGaIm3tgeDi6Qkn5Tlz98Qxqyw_gsIHDxJswjG2OA==
gtm.js
www.googletagmanager.com/ 		122 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5DLLD7&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
931eb96470825bd9ec3af52ab23b5e2ec4ab00655e380a2cbc21a2fc5083a80f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45577
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 10:47:01 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
4
date
Thu, 14 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 14 Oct 2021 12:46:57 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/AOZOTCADF5C63CDNNBAJD2/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
dPv0Hcrnu1ogzkPItoFzSnX7IO5liBxs
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 30 Sep 2021 23:26:42 GMT
Server
AmazonS3
Date
Thu, 14 Oct 2021 02:45:26 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
wRVlTqvmpsxAH2uryAFSZl98_Rm56Av8oHddJKrvc1gWqnb3ink7Mw==

Redirect headers

Date
Thu, 14 Oct 2021 08:21:01 GMT
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
1D01qNCOJfoFGsayG3mKlATZd51hCPCuRjiDnv8hdt-ZKViM-2ioFg==
p
api.segment.io/v1/ 		21 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BuE0mbvCg2yuNg007GcJwWV54R9pfPTd/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.253.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-253-11.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://go.shiftleft.io
date
Thu, 14 Oct 2021 10:47:01 GMT
content-length
21
vary
Origin
content-type
application/json
8936ac11-41ea-43e1-85e0-7acdb76f8336
go.shiftleft.io/_hcms/forms//embed/v3/form/3887453/ 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/_hcms/forms//embed/v3/form/3887453/8936ac11-41ea-43e1-85e0-7acdb76f8336?callback=hs_reqwest_0&hutk=
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6ff4abdc26b47cce9925654a524b2f804fa7cadc9559ae7883b1fd04184e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_hcms/forms//embed/v3/form/3887453/8936ac11-41ea-43e1-85e0-7acdb76f8336?callback=hs_reqwest_0&hutk=
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9e169224-8423-4da7-83cb-1cd91ffab9b3
cf-ray
69e03a2808105c0e-FRA
content-disposition
attachment; filename=no-rfd.txt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2B94ECB18B3560397B38700A445072258DC0E5E460000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcMVNVNTfosxxmMsaCb1p8b0GZhksQ%2BBozdDQk4q3Ayow%2B4ri9HBz2HPJTfbv4lwn5VO7HDio5xp4MLZmtKUg1IrTAn3WawFvOsgadvdSr6LIKGdbKCOg%2Fy8gz8%2Fxcws0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
adsct
analytics.twitter.com/i/ 		31 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4daf26e8-0816-49be-a7a7-c8f0cc5a7df9&tw_document_href=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 14 Oct 2021 10:47:01 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cdd04090ef62928c3d80ecda85ecd8b068a258d91f41809f9593ab51b46b58f2
x-transaction
b6e970a318c96583
expires
Tue, 31 Mar 1981 05:00:00 GMT
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3887453&callback=jsonpHandler
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
2cab645a-0779-40dd-9a75-c5039942b0d4
x-trace
2BBD24DED6807494E76B32D36E17B907BB2828D98D000000000000000000
date
Thu, 14 Oct 2021 10:47:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
69e03a282e454e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsct
analytics.twitter.com/i/ 		31 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f0fc7ecd-f8d0-4985-829d-8d16cd5e3fcb&tw_document_href=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 14 Oct 2021 10:47:01 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cdd04090ef62928c3d80ecda85ecd8b068a258d91f41809f9593ab51b46b58f2
x-transaction
e5c4cd9be371ab58
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f0fc7ecd-f8d0-4985-829d-8d16cd5e3fcb&tw_document_href=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 14 Oct 2021 10:47:01 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5adb030a02086ecbeaa296d5a2fbf8152898e94d79e9e06f108a406b906fe6d9
x-transaction
a5a26a3587dfddb3
expires
Tue, 31 Mar 1981 05:00:00 GMT
ajax-loader.gif
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3006145
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4178
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
69e03a284e143140-FRA
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=78006002&t=pageview&_s=1&dl=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&dp=%2Fxstream-cve&ul=en-us&de=UTF-8&dt=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=907486351&gjid=1259381747&cid=80610403.1634208421&tid=UA-92418701-1&_gid=2035684726.1634208421&_r=1&_slc=1&z=882576669
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 10:47:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.shiftleft.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-acff0d328b74363875a0a6075e6c8439.html
vars.hotjar.com/ Frame 772C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acff0d328b74363875a0a6075e6c8439.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-520783.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-69.fra50.r.cloudfront.net
Software
/
Resource Hash
ab905a6626c29d0612a60bb7944b07ba2a1fd55c0f72ddc87913aa21c3d02fb5

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-acff0d328b74363875a0a6075e6c8439.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK

Response headers

content-type
text/html
content-length
1044
date
Wed, 13 Oct 2021 08:06:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"180eba9df76aa8711e14c898a36db859"
last-modified
Wed, 13 Oct 2021 08:05:10 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-JD-S7JKFuKAnP4KGZ3uQoN0dRTAifdsOl4wzGPbFqBgMB-Adu4Y_A==
age
96056
AOZOTCADF5C63CDNNBAJD2
d.adroll.com/consent/check/ 		396 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/AOZOTCADF5C63CDNNBAJD2?arrfrr=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&_s=fa92be63100dde52242d8b3db8d5cd33&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/AOZOTCADF5C63CDNNBAJD2/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.162.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-162-133.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
05e64b3a61994f5bd09a8ae38f52819dea10348b6c0d4d15a9e4d93caff8b670

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
server
nginx/1.20.0
content-length
396
content-type
application/javascript
collect
stats.g.doubleclick.net/j/ 		4 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-92418701-1&cid=80610403.1634208421&jid=907486351&gjid=1259381747&_gid=2035684726.1634208421&_u=aEBAAEAAAAAAAC~&z=1156534643
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Oct 2021 10:47:01 GMT
content-type
text/plain
access-control-allow-origin
https://go.shiftleft.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/520783/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/520783/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.da93b7ce7275a1de2dc8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.159.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-92418701-1&cid=80610403.1634208421&jid=907486351&_u=aEBAAEAAAAAAAC~&z=1196283025
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 10:47:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-92418701-1&cid=80610403.1634208421&jid=907486351&_u=aEBAAEAAAAAAAC~&z=1196283025
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 10:47:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content
ws12.hotjar.com/api/v2/sites/520783/recordings/ 		66 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws12.hotjar.com/api/v2/sites/520783/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.da93b7ce7275a1de2dc8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.51.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-51-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1f9906d27304d14fd1d3d923b9f466006338e06f77e6cc62b3f509c0367f5ab2

Request headers

Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Thu, 14 Oct 2021 10:47:01 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
f7aaa69532764982a80d5dded9dcc3ebe5759c880a494fcb833a273e31fdf008
api.autopilothq.com/anywhere/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://api.autopilothq.com/anywhere/f7aaa69532764982a80d5dded9dcc3ebe5759c880a494fcb833a273e31fdf008?t=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&u=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&r=
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.242.174.138 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 14 Oct 2021 10:47:01 GMT
Connection
close
Content-Length
18
X-Timing
lt=2
Access-Control-Allow-Methods
GET, POST, PUT, OPTIONS
Content-Type
application/json
loader-v2.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=3169173831&__hssc=174850045.1.1634208421470&__hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&canon=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&hsutk=b25c62a3b80fb7c9f3aec2c114e5a3bc&pageId=50279306541&contentType=landing-page&pg=c7e8cae4-eee8-41ea-a94a-38eb11dab76c&pid=3887453&sv=cta-embed-js-static-1.58&utm_campaign=campaign_sca_xstream_07_2021&utm_medium=email&lag=1240&rdy=1&cos=1&df=a
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
062577a94d8d10814a1ae79f9faec844c9aff8ed2d158a8929a7bdebb10d331d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=3169173831&__hssc=174850045.1.1634208421470&__hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&canon=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&hsutk=b25c62a3b80fb7c9f3aec2c114e5a3bc&pageId=50279306541&contentType=landing-page&pg=c7e8cae4-eee8-41ea-a94a-38eb11dab76c&pid=3887453&sv=cta-embed-js-static-1.58&utm_campaign=campaign_sca_xstream_07_2021&utm_medium=email&lag=1240&rdy=1&cos=1&df=a
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
202624cb-09c3-4e7a-9702-2b943dc4f9b4
cf-ray
69e03a2a3cbc5c0e-FRA
content-disposition
attachment; name="loaderJS" filename="loader-v2.js"
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2B4C4237C81F2531B9682DE3758D66B681F67717EA000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBZxPD39mnMPUuG4Fhsm65UFh%2F%2Fsj61cYcNEqha%2Fpv8W5owzJ90IGNqcX2TRJWtHx%2Ba07iZGKMvBQ9SxRCT%2BIy9VyWljTaC06sMMsIGjFeuLeT3sK2urKxr52ZSbdE4Edw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=KCsr7L5i5XXqToQWetxlUtnDirT6d3ePzVerfehBOgg-1634208421-0-AZ5jAf8NZRIXI2IOd5HlBOuuru+p2AS5egozk+OU5p1ot0uodqBTp4EUwh7acfHOCUOpBzq9+3mJSOwM6iHWYcM=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
x-robots-tag
noindex, follow
loader-v2.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=3169173831&__hssc=174850045.1.1634208421470&__hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&canon=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&hsutk=b25c62a3b80fb7c9f3aec2c114e5a3bc&pageId=50279306541&contentType=landing-page&pg=a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0&pid=3887453&sv=cta-embed-js-static-1.58&utm_campaign=campaign_sca_xstream_07_2021&utm_medium=email&lag=1237&rdy=1&cos=1&df=a
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad289824c40ba856f962118d3518301ff39746e2c529ab49df2f5334750bdfd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=3169173831&__hssc=174850045.1.1634208421470&__hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&canon=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&hsutk=b25c62a3b80fb7c9f3aec2c114e5a3bc&pageId=50279306541&contentType=landing-page&pg=a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0&pid=3887453&sv=cta-embed-js-static-1.58&utm_campaign=campaign_sca_xstream_07_2021&utm_medium=email&lag=1237&rdy=1&cos=1&df=a
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
be94acf6-b0ce-4e2f-84f3-0ced1057aed8
cf-ray
69e03a2a3cc05c0e-FRA
content-disposition
attachment; name="loaderJS" filename="loader-v2.js"
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2B9BCDF13FD36EAF7DFE967E555E00EA586A44A3FE000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHlb9gRoc%2FBKs2dQQpsJs0Hs3UPY%2B16DngzQC%2FbeafmIw2v11JQHwB2D1FHgTU8MlodMFzZSmiFyChArWDWeLZsLXEsjaYZymTvFIxB5iCkGyGdZdATF4e5MkDd1RVD%2BpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=6AqZebxgqFxsYsc7Z7civXZJxc9sH3UIDdBc07oPlRo-1634208421-0-AXYn+MIT0kKJmxIM4Wwp+XVN71xe8eHHXhdQ29SlBlpK1hy81iIeA9JCpTFlSVhEAc5pWufhopo9jZ1dINao3hc=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
x-robots-tag
noindex, follow
loader-v2.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=3169173831&__hssc=174850045.1.1634208421470&__hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&canon=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&hsutk=b25c62a3b80fb7c9f3aec2c114e5a3bc&pageId=50279306541&contentType=landing-page&pg=a5afdb02-9541-4ffe-9084-e5ed79114f57&pid=3887453&sv=cta-embed-js-static-1.58&utm_campaign=campaign_sca_xstream_07_2021&utm_medium=email&lag=1234&rdy=1&cos=1&df=a
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16d0efee1caa29277bde3f46a9116233c80e551ac0ed2ca985089833fbdfe4b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/loader-v2.js?cos=1&__hsfp=3169173831&__hssc=174850045.1.1634208421470&__hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&canon=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&hsutk=b25c62a3b80fb7c9f3aec2c114e5a3bc&pageId=50279306541&contentType=landing-page&pg=a5afdb02-9541-4ffe-9084-e5ed79114f57&pid=3887453&sv=cta-embed-js-static-1.58&utm_campaign=campaign_sca_xstream_07_2021&utm_medium=email&lag=1234&rdy=1&cos=1&df=a
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
5d067d61-8592-4293-8661-ae954c8687e9
cf-ray
69e03a2a3cc35c0e-FRA
content-disposition
attachment; name="loaderJS" filename="loader-v2.js"
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2BEA71A0A8042473EAF64C7CCA801DC9BC7D6986C9000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta%2B0kTy2l4r9H8uCANXC1BZ68FbLkFdJNVQllG5QQGQJXQ68eCJ0Bfos5xxXhn6VCxlP%2FywUBFzWeESI1JWTV0IgEQ5GuS0viR5sxaDNy%2BJySDaSGjG6ZAclbP4KEdwNVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=w7bDk12BudgEsg.gRn35frKCWsWQS6vqehC_bs7Nq4o-1634208421-0-AdQDf/XZP0vtAEDmg9ntkUAT0gL50DegeWwLRif4to/eccWXo1EBkyl2jZfgOoIzsQ8Igy4jlqOVkvIklB+hgK4=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
x-robots-tag
noindex, follow
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
41f1a994-3110-4f7d-bbaf-d5d77c661574
cf-ray
69e03a2a7c1f4e1f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BBEFBD0F59934EA62E99790F99A78590F3554947D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421475&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
6716e406-ba6b-41df-b1a9-8d671f9abd66
cf-ray
69e03a2a49d64e50-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FH%2BT1OhiE1TMAcvLn%2FeHKJo8UEozfNLKMBvPg7mdvxRI6Cskas3AJT48WKCxznXfVjoWQK9oWhVAfOC4LF8uFaaQyFlhAQOyFaO4DsmmYdOHNqDMIJG4TGaCErADiiR8vdc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421477&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
de07faf4-564e-4754-ae68-ef44abd80a13
cf-ray
69e03a2a49d44e50-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8S55EJpuJCGP4TUYaVnjND291PRbwgv8VT%2BHFiuTCCAs9qU2S0nTGdo2Lx7VwmumVpjSS23oIlx%2BTavxUJQh4RE%2F1G3vmjGH4gBJvfGbZycQkleIPBexZ77yR8aGRV%2FOZGs"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=8936ac11-41ea-43e1-85e0-7acdb76f8336&fci=cc108bef-d8b4-46f4-a8f2-78cd07de38bf&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421483&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
93caa572-3a63-421f-9945-6d8a1d0cc82c
cf-ray
69e03a2a49d94e50-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu%2B1ODz%2FC%2FLunFhzRCT0NhNKer2R3rU1J%2Fhdh4j3IjLoKLIyK2nQQy9Tm2Zk%2F4Fk%2BxuIrUBdrPAlscEPvUSCcAWu6kgZyrpRHOWUB0zgg4Q76dM7RwXLnnYl2R2Emldthi3B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
4
date
Thu, 14 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 14 Oct 2021 12:46:57 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		124 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3887453
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca462fcfb6ba0708dd81ba2ffced324c97d94b1bb40e4311d462415d2e56b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
083d1bd1-7776-403a-aae2-99741cbb2ddc
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2B81074C5FBC0413B26B99777BD676F72DE9E9B1A8000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDo5MPoavty2CRH0YJ1ZmVeRT1u5rQFkCIsu1jKi3wJrh35DEzqgOfZefeIIMZbpJ6y9NXUL1SoRBTe5VEKt1xKo4OUbIS7%2BbIn9gCCBFtlyjicaMYSN4FXe3wUamyMC"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://go.shiftleft.io
access-control-allow-credentials
false
cf-ray
69e03a2a7dd25c26-FRA
access-control-allow-headers
*
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=78006002&t=pageview&_s=2&dl=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&dp=%2Fxstream-cve&ul=en-us&de=UTF-8&dt=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=80610403.1634208421&tid=UA-92418701-1&_gid=2035684726.1634208421&z=2107903241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 13:39:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76039
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-0
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bfa92cb5104d5a2743844e91768bceaccd3daff2187659eee3aa69a6b6b0adb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39092
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 10:47:01 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 10:47:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=58592
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
__ptq.gif
track.hubspot.com/ 		45 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22c7e8cae4-eee8-41ea-a94a-38eb11dab76c%22%2C%22058b739f-c330-4679-a59a-42d48cb5857c%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421654&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&u=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&b=174850045.1.1634208421470&cc=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
4f2fe854-3a9d-4e1b-9772-77764ef0f91f
cf-ray
69e03a2b7f6f1f25-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx606bjWCvZHFcUVxvghOxw9%2F8Yd1TJl2yQZ9Za%2BR3sRLg4wM%2FI47cyVoRT0eNVxAG8unyM537SK4qFO8nIw%2FjP94I51UA232AMqPi2hLYQv%2FdUn662a4MMtfazvWupEj5f5"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22c7e8cae4-eee8-41ea-a94a-38eb11dab76c%22%2C%22058b739f-c330-4679-a59a-42d48cb5857c%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421657&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&u=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&b=174850045.1.1634208421470&cc=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a3987a05-078f-4f5b-9162-bbfc527c2897
cf-ray
69e03a2b7f721f25-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e2mxs9giVslasshCiz94TdNvn3p4WN%2FdpqnP8A7dnrT3LGRs5mJwd4BKmALwUwqb%2BAx9BYDk3OjAn9J5jLkAsOAfp3oOvPhWO%2FUwVkFM7N2CxfG9xVpVqtdeVNgZokNrl%2FV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0%22%2C%22bc10fc9a-2204-4dac-89e7-63579b1b834a%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421661&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&u=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&b=174850045.1.1634208421470&cc=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
456f847a-a364-4344-8ef1-64c0d242ca4d
cf-ray
69e03a2b7f761f25-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnUTgo56ErUg9N5xSiD%2FMqtqO51iN0yHCmLsc%2FGUoBGCYXsFXyJmOAWOMHm0bc%2B2qWMa6OmQR%2BWz3pg5ZXXB1Pn3ByDa%2BMc2puBg9u%2BNvKcaIL%2FjIsuSNsIlcodoGXYcu1OY"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0%22%2C%22bc10fc9a-2204-4dac-89e7-63579b1b834a%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421662&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&u=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&b=174850045.1.1634208421470&cc=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3b726558-0dd5-4f7f-926d-41aa9c04d046
cf-ray
69e03a2b7f741f25-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKKFjYB2gnieALjHDi4gJEJU%2BfiD6p9UWXTeLT2CuY3E1TB2DE0q9k2MJfwNLKCR%2BsSK1HOG0V8p3nLU1BSh9X6iBaG%2ByYXEYibo8jsCtLeOZMtjZFJPeKFYrcvzMSaWvfK%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22a5afdb02-9541-4ffe-9084-e5ed79114f57%22%2C%2285a2e424-1314-462a-8c74-7e081a726106%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=3887453&pi=50279306541&ct=landing-page&ccu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve&cpi=50279306541&lpi=50279306541&lvi=50279306541&pu=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&t=ShiftLeft+%7C+XStream+Vulnerability+Detection+and+Mitigation&cts=1634208421664&vi=b25c62a3b80fb7c9f3aec2c114e5a3bc&nc=true&u=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1&b=174850045.1.1634208421470&cc=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
79dc0627-b691-444f-b166-c8e62f53eacc
cf-ray
69e03a2b7f7b1f25-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOr0yxfn4EPVdrntxtPwGTyMel4a1BRVWOZ2i1W0y7BZCsoDWdYCrdP2E3gEyxHD7oD97jFZHvBEUnymQ0uJ0D2r%2FHlOkbRf%2B4S4NnJ6GkKHYTGPxOWHI0wdmL4OX2POI71F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
cta-loaded.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		0
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=c7e8cae4-eee8-41ea-a94a-38eb11dab76c&lt=1634208420232&dt=1634208421472&at=1634208421667&ae=1&sl=1&an=1
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=c7e8cae4-eee8-41ea-a94a-38eb11dab76c&lt=1634208420232&dt=1634208421472&at=1634208421667&ae=1&sl=1&an=1
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; __hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1; hubspotutk=b25c62a3b80fb7c9f3aec2c114e5a3bc; __hssrc=1; __hssc=174850045.1.1634208421470
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
e438b3c1-d910-4635-8077-81fdef7099cd
x-trace
2BE892DD2A7C1DC5771892CC12305D9DFA9489F077000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FfLXgy1V6r7KTD5o428OaZpgWdxu9o3Qf3YPNrN7D1guPChSBa2hbliWRZ4MjLX1816yuMvVi2OOXgf68lrUjIOsDfA86LvHCll82oBGGOEbtixzkZRXienotC6BNzu5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=Rciv_BE5KlON0l9MHAALYFt0m5TyJ9Y_p4inOpEQHGE-1634208421-0-AeT/DrcB4FaK0uxNJwdS2I3ChDhoeK4BYsJvziAhF8GOMK4FOkkc2qIq14XNfz+G0XukZjPKpTZifeAW8guyTZ0=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
cf-ray
69e03a2b7f145c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, follow
cta-loaded.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		0
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=c7e8cae4-eee8-41ea-a94a-38eb11dab76c&lt=1634208420232&dt=1634208421472&at=1634208421670&ae=1&sl=1&an=1
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=c7e8cae4-eee8-41ea-a94a-38eb11dab76c&lt=1634208420232&dt=1634208421472&at=1634208421670&ae=1&sl=1&an=1
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; __hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1; hubspotutk=b25c62a3b80fb7c9f3aec2c114e5a3bc; __hssrc=1; __hssc=174850045.1.1634208421470
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
299a9d54-c7d4-483e-94c4-d7ca9e74fdb6
x-trace
2B8D66F1FAB3947CA3B71A16F98A06E15140729D5E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYgN%2FoeXRwiyzTVMBZ6p4upQ8OdFmQIKQknHJ8bIN4GQroVJDeJRdtM3ElTBcZWWo2a8C03vEbQLNwaG66Y5R7D7SLkSGrlk2%2FB4M6o31SSFQUyy14dsJeHtqLR%2FJiEv6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=Au85vlL5H1a2nVMCrjPlCt.2nvmfqecsUDMVw7sokH8-1634208421-0-AbWdVa61u9KofSiK1zYLQCFI63gufb17esZBfDZ1wxUI4kZP8KFL9QXfKAIlQc2T3ZLURf5nI8uaZB+WO+/U5Es=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
cf-ray
69e03a2b7f195c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, follow
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
862d4b1a-16a9-463c-a58b-6f6c352771a2
cf-ray
69e03a2b8bed64cd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2BC575EC2D0E1FA3549CF69A0019B603BB0C853945000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cta-loaded.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		0
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0&lt=1634208420235&dt=1634208421472&at=1634208421731&ae=1&sl=1&an=1
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0&lt=1634208420235&dt=1634208421472&at=1634208421731&ae=1&sl=1&an=1
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; __hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1; hubspotutk=b25c62a3b80fb7c9f3aec2c114e5a3bc; __hssrc=1; __hssc=174850045.1.1634208421470
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
8768331d-4def-43db-a89e-e272d9c0a335
x-trace
2B7A19BB82F6B6A151EC1A8FE5E5EF27EDEF3469B0000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EnbejtLpPkQtOIGcF9AtNLlqouThwvyRobCZna%2FyrjO9QdmDg8syAVm911Bd5xV5AyGUMxDUdXZIKzlFU0z%2BWdvA1%2B2426Syd1KcNfP1sLVW1bTgrK%2FeDffiQUtpsYKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=lKNJHaEHPI1d0Zn4bztF.JTPWL1AkYgIPuLyu8uvTkg-1634208421-0-Af3J1wkLLxdnpMFyC1OekGIVvTvIPisOlV5BfOXuXzF79QEtwU8D99F94XSme7KzklziFhIamSIRFoIaFCXGqqc=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
cf-ray
69e03a2bdfe25c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, follow
cta-loaded.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		0
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0&lt=1634208420235&dt=1634208421472&at=1634208421732&ae=1&sl=1&an=1
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=a6b5fb50-0fb1-4d98-b21c-2ddf54b1d4b0&lt=1634208420235&dt=1634208421472&at=1634208421732&ae=1&sl=1&an=1
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; __hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1; hubspotutk=b25c62a3b80fb7c9f3aec2c114e5a3bc; __hssrc=1; __hssc=174850045.1.1634208421470
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
b0aa2ba9-ca9a-49f0-ba46-c1523eff5856
x-trace
2BAA53FDA51EA6852F236BEB0EF140F3DAC65EEE31000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0%2BKqWm75XTGf9218sy0Kpfi2zxBWUy1AJxFTO%2BrRPm7pI482%2BBr3IzznMddbx5YmsHCB59mmd5NmzdbqXGC4oll0qRpRPH4wF%2FXgNsLZHFikC%2BPExR5NyAvHJonGZ0cvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=99Gw2AAiGxfh8iijyPoUvozOA3Or59_ag3T2aa1DA8I-1634208421-0-AfhsrN8z1PcSmAQG7t5voECa/VtbT1k+Ma3mhTl57BO2BTj1g0R9x5WtvF7XAYNvHCnAWdwkEoNNdH9FspjjjJs=; path=/; expires=Thu, 14-Oct-21 11:17:01 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
cf-ray
69e03a2bdfe35c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, follow
cta-loaded.js
go.shiftleft.io/hs/cta/ctas/v2/public/cs/ 		0
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=a5afdb02-9541-4ffe-9084-e5ed79114f57&lt=1634208420239&dt=1634208421473&at=1634208421738&ae=1&sl=1&an=1
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=3887453&pg=a5afdb02-9541-4ffe-9084-e5ed79114f57&lt=1634208420239&dt=1634208421473&at=1634208421738&ae=1&sl=1&an=1
pragma
no-cache
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; __hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1; hubspotutk=b25c62a3b80fb7c9f3aec2c114e5a3bc; __hssrc=1; __hssc=174850045.1.1634208421470
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
0bf5387f-2f54-4a4a-9c97-1fd868d9007b
x-trace
2B9FC7F46FFA631DD816F81B6F7BE48FA68BCFDA20000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qutPur6qBxQEehNuPK3yFJQBADyvrxygSYNwWg3%2Fjx%2Fk3FgzYSh%2BKwd9MP0tzgmjKhFlHN6%2Brst%2FrG92DCo9C39RQLZzOjF%2BcAmuUYwo5EqzD%2FnF6Z9BNcEwVB05A7e1ag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store
set-cookie
__cf_bm=rcwnvcSWeE6r.AZoG5t_ylKC1Z9K8nYcn3tW7YVeyLE-1634208422-0-AUOrmURYAHTB+cSvQFH4+wOvViGZCCCCLfdoLXQ1DjS7hX8ripmXbQF45Cl779jN0b2YqKmIWT1mf24O4BGJmfk=; path=/; expires=Thu, 14-Oct-21 11:17:02 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
cf-ray
69e03a2bdfed5c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
noindex, follow
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8e170827cf6b2dfdb810cef652d70f9cbd9ff58f4242cb735622833b5ff69bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14427
x-xss-protection
0
server
cafe
etag
14346040707932117602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 10:47:01 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/0/?random=1634208421806&cv=9&fst=1634208421806&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaab0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&tiba=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
711f0204de9a8546cc33466e7860306058a59d6a81e89a824e5badf0f02c1d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 10:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1146
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/0/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/0/?random=1634208421806&cv=9&fst=1634205600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaab0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&tiba=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&async=1&fmt=3&is_vtc=1&random=1840256558&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 10:47:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/0/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/0/?random=1634208421806&cv=9&fst=1634205600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaab0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&tiba=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&async=1&fmt=3&is_vtc=1&random=1840256558&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 10:47:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
perf
go.shiftleft.io/_hcms/ 		2 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.shiftleft.io/_hcms/perf
Requested by
Host: go.shiftleft.io
URL: https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-fetch-mode
cors
origin
https://go.shiftleft.io
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__cfruid=0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419; _gcl_au=1.1.201509893.1634208420; sl.ft_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; sl.lt_utm_params=eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9; _rdt_uuid=1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd; _hjid=3a9c127c-4f18-4435-8d6a-9fcb74bffdc4; _hjFirstSeen=1; ajs_anonymous_id=85421b71-700e-43ea-8028-729b48bfcb1c; _ga=GA1.2.80610403.1634208421; _gid=GA1.2.2035684726.1634208421; _gat=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; __hstc=174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1; hubspotutk=b25c62a3b80fb7c9f3aec2c114e5a3bc; __hssrc=1; __hssc=174850045.1.1634208421470
content-length
921
:path
/_hcms/perf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
go.shiftleft.io
referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://go.shiftleft.io/xstream-cve?utm_source=outreach&utm_medium=email&utm_content=campaign&utm_campaign=campaign_sca_xstream_07_2021&utm_term=&sfdc_campaign_id=7011I000000S2K8QAK
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

cf-ray
69e03a3cfe155c0e-FRA
date
Thu, 14 Oct 2021 10:47:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
e61790ec-3945-4bf0-a75d-47b8380e1626
x-trace
2BE932AF957055411977D55267E0CB1EF0D4734E4F000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoYwTZdzj%2BiFiOTfY9kivZAwH%2Fexd17ggVGQEAj6myo9EjHJIvv2RFNz76OHiBZgRvL9tvCFUP3IoJMi1DQn0LKta0gJdbijL1Ijq5E79edKzzcP1iAshVC3xGIigCb1XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| hsjQuery object| _hsp object| analytics number| sf14gv object| AutopilotAnywhere object| Autopilot object| dataLayer object| _hsq object| hbspt object| google_tag_manager object| google_tag_data function| rdt string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq boolean| llcookieless function| hj object| _hjSettings string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| twttr boolean| PIXELS_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| AnalyticsNext object| hubspotDeps function| hubspotLoader object| google-tag-managerDeps function| google-tag-managerLoader object| hotjarDeps function| hotjarLoader object| google-analyticsDeps function| google-analyticsLoader object| bugsnagDeps function| bugsnagLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| hubspotIntegration function| bugsnagIntegration function| google-tag-managerIntegration function| hotjarIntegration object| _hjSelf function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| normalize function| __adroll__ string| adroll_sid object| __adroll function| adroll_tpc_callback function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_49209540916 function| i18n_getmessage function| i18n_getlanguage function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| options object| HSFR function| hs_reqwest_0 object| hsVars string| _linkedin_data_partner_id function| jsonpHandler object| Bugsnag object| gaplugins object| gaGlobal object| gaData object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran string| default_css string| cta_css function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

28 Cookies

Domain/Path Name / Value
.go.shiftleft.io/ Name: __cfruid
Value: 0dff7e7cf45787641ca6b8f96f517e679fb4a5d9-1634208419
.shiftleft.io/ Name: _gcl_au
Value: 1.1.201509893.1634208420
.shiftleft.io/ Name: sl.ft_utm_params
Value: eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9
.shiftleft.io/ Name: sl.lt_utm_params
Value: eyJ1dG1fc291cmNlIjoib3V0cmVhY2giLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY29udGVudCI6ImNhbXBhaWduIiwidXRtX2NhbXBhaWduIjoiY2FtcGFpZ25fc2NhX3hzdHJlYW1fMDdfMjAyMSIsInV0bV90ZXJtIjoiIiwic2ZkY19jYW1wYWlnbl9pZCI6IjcwMTFJMDAwMDAwUzJLOFFBSyJ9
.shiftleft.io/ Name: _rdt_uuid
Value: 1634208420391.dd4a28dc-037c-4b9a-8fa8-ce751ddecbbd
.shiftleft.io/ Name: _hjid
Value: 3a9c127c-4f18-4435-8d6a-9fcb74bffdc4
.shiftleft.io/ Name: _hjFirstSeen
Value: 1
.hubspot.com/ Name: __cf_bm
Value: 04F14otbroDCRR_aKiOYasIL5lAWsHuTKzCTLX4yzCI-1634208420-0-AaMULeE3dZPtiyGtnU+cGHVG2V2Mf8ItdGKW1HIcMT7wV87o9OL8K3RRudYDiXEVwEaPeIU5kS5q8vDoRWiBg0M=
.linkedin.com/ Name: UserMatchHistory
Value: AQJqwp_sFHwLnwAAAXx-aZMxCrWG2ftPAqz-WQOGeWS7dJsbNOd3qTw9k8Rh3DNn_TLjMzMrKFispw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIH01YMegFnWgAAAXx-aZMx6-AKcQrDjXXvvBnfH9g_Fw-zg2dwkp8jqux9VlmwNTRy9hFr_rwELlzRd0Dmww
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4145004d-143b-4b99-8227-7aaa429175ea"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2339:u=1:x=1:i=1634208420:t=1634294820:v=2:sig=AQHzeHPYfWBPbphFgOG1P8QHNCTdjhvi"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202110141047002a651bf8-a911-4fbc-8fa1-b7bb0cd1f8aaAQHdDHD-tRPmuxGbg1pF-8LKQ_aH7Uo2"
.shiftleft.io/ Name: ajs_anonymous_id
Value: 85421b71-700e-43ea-8028-729b48bfcb1c
.shiftleft.io/ Name: _ga
Value: GA1.2.80610403.1634208421
.shiftleft.io/ Name: _gid
Value: GA1.2.2035684726.1634208421
.shiftleft.io/ Name: _gat
Value: 1
go.shiftleft.io/ Name: _hjIncludedInPageviewSample
Value: 1
.shiftleft.io/ Name: _hjAbsoluteSessionInProgress
Value: 0
go.shiftleft.io/ Name: _hjIncludedInSessionSample
Value: 1
.twitter.com/ Name: personalization_id
Value: "v1_qBwy0IxTCc4YNkHiEFrjjA=="
.shiftleft.io/ Name: __hstc
Value: 174850045.b25c62a3b80fb7c9f3aec2c114e5a3bc.1634208421470.1634208421470.1634208421470.1
.shiftleft.io/ Name: hubspotutk
Value: b25c62a3b80fb7c9f3aec2c114e5a3bc
.shiftleft.io/ Name: __hssrc
Value: 1
.shiftleft.io/ Name: __hssc
Value: 174850045.1.1634208421470
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

3 Console Messages

Source Level URL
Text
network error URL: https://t.sf14g.com/sf14g.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lltrck.com/scripts/lt-v3.js?llid=31200
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.autopilothq.com/anywhere/f7aaa69532764982a80d5dded9dcc3ebe5759c880a494fcb833a273e31fdf008?t=ShiftLeft%20%7C%20XStream%20Vulnerability%20Detection%20and%20Mitigation&u=https%3A%2F%2Fgo.shiftleft.io%2Fxstream-cve%3Futm_source%3Doutreach%26utm_medium%3Demail%26utm_content%3Dcampaign%26utm_campaign%3Dcampaign_sca_xstream_07_2021%26utm_term%3D%26sfdc_campaign_id%3D7011I000000S2K8QAK&r=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.twitter.com
api.autopilothq.com
api.hubapi.com
api.segment.io
app.hubspot.com
cdn.jsdelivr.net
cdn.segment.com
cdnjs.cloudflare.com
d.adroll.com
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fs.hubspotusercontent00.net
go.shiftleft.io
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
lltrck.com
no-cache.hubspot.com
perf.hsforms.com
px.ads.linkedin.com
s.adroll.com
script.hotjar.com
shiftleftinc.orpluto.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.sf14g.com
track.hubspot.com
vars.hotjar.com
ws12.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.16.19.94
104.16.192.114
104.16.85.20
104.16.89.5
104.17.112.176
104.17.202.204
104.17.213.204
104.17.69.176
104.18.21.191
104.19.154.83
104.19.155.83
104.244.42.197
104.244.42.3
108.174.11.85
13.107.42.14
142.250.185.132
142.250.185.142
142.250.185.99
142.250.186.130
142.250.186.170
142.250.186.34
143.204.101.121
143.204.98.29
143.204.98.39
143.204.98.69
143.204.98.74
143.204.99.83
151.101.129.140
151.101.65.140
162.242.174.138
172.217.16.136
18.213.169.209
199.232.136.157
199.60.103.30
2.16.186.17
34.254.51.160
52.43.108.235
52.49.162.133
54.68.253.11
54.75.159.38
74.125.140.156
0172b5c7622f53811d0278522d26a9d9b9bb303cb78bd2d1a13599c1e8fa7e6d
01f42218fd8653a91a8b43c6684e9bbfad81618ed359e5b5154b181f85120865
02bfc0792607137745f4a91a7569037afef83eee2dde83866962522e71f81309
05e64b3a61994f5bd09a8ae38f52819dea10348b6c0d4d15a9e4d93caff8b670
062577a94d8d10814a1ae79f9faec844c9aff8ed2d158a8929a7bdebb10d331d
0aeba20a3cbf342f6ff788dd1dddede9969fdfcc5f02615e79353308fca6a48c
0b35ea131b4a879e1c6724056a858856522811a3268a1a96e0883f64fd406d85
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1579053f7798c480748c7a0880bcaad947aba2a908007eab8b39a6a66087af82
16d0efee1caa29277bde3f46a9116233c80e551ac0ed2ca985089833fbdfe4b1
1c68e2d8359b48ac128ccde0ef800c269bae8512ebcdee9d295924b48f5128a3
1f9906d27304d14fd1d3d923b9f466006338e06f77e6cc62b3f509c0367f5ab2
2123c72eea1d68955911ade4af6197120bebe8f4649bb3aebd9b4ab49cc34c58
2ad1c920d36b3551a4184b5497087355e89ba42a35a7f5185cd0f65cdc26ccfa
33a2539666bd703eb80ab21fa09b090a23f06573ea48b823c0f5d22bc9c70662
3580f6192b07e6adf20bee13a293fa896d94bfa1a6ae178a1dc2c0cdfdddee10
35c4e6153ca03a1c90a7b74444690c8f5af51fd2478275e595eeecb4d3c34320
368266073cedabe79acc9adde37bf60aeb37841d4c47f66535ec99a33023a7c2
37a87d1097aecc93209f6c9ae8cf982e27e72d51304ff701fabd94f0302aa044
3b98b770ede13e084c8799f8cb498b3828fccc59369d98c94d1fa9e3ae601c3f
4040b28aabc1749a3350c141fdd0c3306f3590a3046503433532881ac764a70a
421b1800e7b45151cbc1c0ddedb6fd783c0330cd295d3386cb2fdff8707c1573
43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c
48a1b9aab2bc8c45341d83503f620a5315dc0d3a15e2a6b75db5bf908bbe6a79
4ac5790a8fe27424696e7443d926f47bfe86562c4c0239da8cc506012cf9286e
4ca462fcfb6ba0708dd81ba2ffced324c97d94b1bb40e4311d462415d2e56b51
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4f6c354b3765d8882f2a686316665cde54501f998665a20902825637fd6490b3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ad7b91941f455bd1260b2d44ab9de7b3cfc1fff40fb56c4798afef02d8d012e
5fb26daaca8ed734e3586c3365df9a258cab8eabe1f281f4ff244f492f11fa36
69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
711f0204de9a8546cc33466e7860306058a59d6a81e89a824e5badf0f02c1d7b
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
71b76b1c33967b6c2373a3039e6e29d4ea001ef425f88dc412f6594c187d6186
774864cdc417c87b68a1603df11ed3df72562d9e75cf932ac0ab36805caa6e3c
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8596898c012b01f87c84d29aefac8708808dea09844f2adf6ff9d91e26403482
866b7cd9229083fc27dfc020660140e14dd2be5635e30d9c9b14ae05932fe1bd
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8e170827cf6b2dfdb810cef652d70f9cbd9ff58f4242cb735622833b5ff69bd3
931eb96470825bd9ec3af52ab23b5e2ec4ab00655e380a2cbc21a2fc5083a80f
a96a5652b510de9ce953b791de4a46fbd011c8156f914b7eec24f1250036c786
ab905a6626c29d0612a60bb7944b07ba2a1fd55c0f72ddc87913aa21c3d02fb5
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad289824c40ba856f962118d3518301ff39746e2c529ab49df2f5334750bdfd8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af72f2d0cef4b1e683d81a872f7e9f2e6b6207ff5a7cd8105e9cdb7da47f59d7
b13a1a4e8af2d311b90f19a03c492a5bb951f43d82e5ba22b07e0ffa7db6d937
bea12d2fc4d003d697b920166661f3c6d7db15f30135fe367168170712180427
bfa92cb5104d5a2743844e91768bceaccd3daff2187659eee3aa69a6b6b0adb6
cf23a58c6f6775ecea9011b10b60f00283bf379fd031a0fc1809f4a2fcdc42fd
cfd8266e7f23d37dac9361d9814e7b434102bded307d84cb74e8fdd204c3cb90
d40a41723def70b4af303c98a8269de407ed39586596106e16c9e0be01942d72
d42e3c428f1422c65d407da359b81c3cebf11753c0904af02e73c1afbe92d16e
da8e0092596694fce832478a4fb972e2a705d315a2f058a1e8cfe04b37ccfc1d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd6ff4abdc26b47cce9925654a524b2f804fa7cadc9559ae7883b1fd04184e8c
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de4d41814a38bee65ae2f79930dd09a368e792d70716f8677e8d8ac28a9363c3
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4acf1920f3e883902ce5dc8c29a2d3ba106588f17d1c53ee4a6b90726f4d528
e65960ad3a1ccba3a26e0c6bf0f7b130850fb127fb1ab751e7fc936b0fc45166
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1631b2fe546278d4aa21edf21808efb4af78fe9aae87391bf41c2abf7b2b249
f1b3a12409a5f58e3789ee16c7819e1f9fed2e68453a2cc5700408110a444e36
f4d2a94092b9a30abb0156829e8a67b51848230b4c01fe30d4960fcf0ef38c85
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f80dd5462743bfbd2803c6062db35acc51d6db0a8e0f52bd453868dc04e3e5b9
fac32d93d574fed12ff1d222d4160c3068437f4f520ff4d6d7eb8ba71d188337
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3