orca.security Open in urlscan Pro
192.0.66.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Submission: On February 07 via api (February 7th 2024, 2:08:24 am UTC) from TR — Scanned from DE

Summary HTTP 233 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 32 domains to perform 233 HTTP transactions. The main IP is 192.0.66.102, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is orca.security.
TLS certificate: Issued by Entrust Certification Authority - L1M on August 15th 2023. Valid for: a year.

This is the only time orca.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
101	192.0.66.102 192.0.66.102	2635 (AUTOMATTIC) (AUTOMATTIC)
14	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:214... 2600:9000:214f:9800:8:7bee:ac40:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a04:4e42::644 2a04:4e42::644	54113 (FASTLY) (FASTLY)
7	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a05:d018:56f... 2a05:d018:56f:b804:6115:ed34:65c7:21ff	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:5200:8:8d2f:9e00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:90e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:46::60 2620:1ec:46::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2.17.100.193 2.17.100.193	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	18.245.46.27 18.245.46.27	16509 (AMAZON-02) (AMAZON-02)
1 10	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	209.58.137.100 209.58.137.100	7203 (LEASEWEB-...) (LEASEWEB-USA-SFO)
1	2600:9000:211... 2600:9000:211e:3e00:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.245.60.108 18.245.60.108	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:266... 2600:9000:266e:ba00:10:7994:d200:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.245.86.127 18.245.86.127	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211e:d600:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
233	44

101 192.0.66.102 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9800:8:7bee:ac40:93a1 (United States)

ASN16509 (AMAZON-02, US)

euob.itstarsbuilding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

try.orca.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:56f:b804:6115:ed34:65c7:21ff (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obseu.itstarsbuilding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5200:8:8d2f:9e00:21 (United States)

ASN16509 (AMAZON-02, US)

ddzuuyx7zj81k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:90e1 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.17.100.193 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-193.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

796-pbw-559.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.46.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-27.fra56.r.cloudfront.net

5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.137.100 (Hayward, United States)

ASN7203 (LEASEWEB-USA-SFO, US)

abzbmmyyoz-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3e00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-108.fra60.r.cloudfront.net

epsilon-cloudfront.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:ba00:10:7994:d200:21 (United States)

ASN16509 (AMAZON-02, US)

dss6ntp5q2r0o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-127.fra60.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:d600:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
108	orca.security orca.security try.orca.security	7 MB
16	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4275 embed-ssl.wistia.com — Cisco Umbrella Rank: 8202 distillery.wistia.com — Cisco Umbrella Rank: 6443 embed-cloudfront.wistia.com	893 KB
14	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 364	163 KB
13	6sc.co j.6sc.co — Cisco Umbrella Rank: 5532 c.6sc.co — Cisco Umbrella Rank: 8403 ipv6.6sc.co — Cisco Umbrella Rank: 5709 b.6sc.co — Cisco Umbrella Rank: 3792	24 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	701 KB
11	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	71 KB
8	itstarsbuilding.com euob.itstarsbuilding.com obseu.itstarsbuilding.com — Cisco Umbrella Rank: 805066	39 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 u.clarity.ms — Cisco Umbrella Rank: 7265 c.clarity.ms — Cisco Umbrella Rank: 1351	28 KB
4	infinigrow.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6518	734 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	344 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 8358	3 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	2 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4371	2 KB
2	6sense.com epsilon-cloudfront.6sense.com	870 B
2	algolia.net abzbmmyyoz-dsn.algolia.net	14 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1465 insight.adsrvr.org — Cisco Umbrella Rank: 637	3 KB
2	cloudfront.net ddzuuyx7zj81k.cloudfront.net dss6ntp5q2r0o.cloudfront.net	28 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3596	6 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2723 pixel.wp.com — Cisco Umbrella Rank: 2679	3 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	762 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 490	697 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	mktoresp.com 796-pbw-559.mktoresp.com	318 B
1	qualified.com js.qualified.com — Cisco Umbrella Rank: 19342	155 KB
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8429	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	295 B
0	twitter.com Failed analytics.twitter.com Failed
0	t.co Failed t.co Failed
233	32

	Domain	Requested by
101	orca.security	orca.security
14	cdn.cookielaw.org	orca.security cdn.cookielaw.org
11	fast.wistia.com	orca.security fast.wistia.com
10	www.google.com	1 redirects orca.security try.orca.security www.gstatic.com www.google.com
9	b.6sc.co	orca.security
7	www.gstatic.com	www.google.com www.gstatic.com
7	obseu.itstarsbuilding.com	euob.itstarsbuilding.com orca.security
7	try.orca.security	orca.security try.orca.security
4	fonts.gstatic.com	www.google.com
4	5f6b2d0bd0ea9d00689c778b.services.infinigrow.com	ddzuuyx7zj81k.cloudfront.net dss6ntp5q2r0o.cloudfront.net
4	www.google.de	orca.security
4	www.googletagmanager.com	orca.security www.googletagmanager.com euob.itstarsbuilding.com
3	embed-cloudfront.wistia.com	fast.wistia.com
3	js.zi-scripts.com	orca.security js.zi-scripts.com
3	u.clarity.ms	www.clarity.ms
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	ws.zoominfo.com	js.zi-scripts.com
2	c.clarity.ms	1 redirects
2	epsilon-cloudfront.6sense.com	j.6sc.co
2	abzbmmyyoz-dsn.algolia.net	orca.security
2	px.ads.linkedin.com	1 redirects snap.licdn.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	www.clarity.ms	orca.security www.clarity.ms
2	munchkin.marketo.net	orca.security munchkin.marketo.net
1	insight.adsrvr.org	js.adsrvr.org
1	distillery.wistia.com	fast.wistia.com
1	c.bing.com	1 redirects
1	dss6ntp5q2r0o.cloudfront.net	ddzuuyx7zj81k.cloudfront.net
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	www.googleadservices.com	www.googletagmanager.com
1	embed-ssl.wistia.com	orca.security
1	pixel.wp.com	orca.security
1	px4.ads.linkedin.com	orca.security
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	796-pbw-559.mktoresp.com	munchkin.marketo.net
1	js.adsrvr.org	www.googletagmanager.com
1	js.qualified.com	www.googletagmanager.com
1	tracking.g2crowd.com	orca.security
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	ddzuuyx7zj81k.cloudfront.net	orca.security
1	geolocation.onetrust.com	cdn.cookielaw.org
1	stats.wp.com	orca.security
1	euob.itstarsbuilding.com	orca.security
0	analytics.twitter.com Failed	orca.security
0	t.co Failed	orca.security
233	49

This site contains links to these domains. Also see Links.

Domain
app.orcasecurity.io
eu.app.orcasecurity.io
au.app.orcasecurity.io
us.gov.app.orcasecurity.io
twitter.com
www.linkedin.com
www.facebook.com
learn.microsoft.com
msrc.microsoft.com
utils.java
docs.cloudera.com
github1s.com
policies.google.com
support.orca.security
trustcenter.orca.security
www.youtube.com
www.g2.com
www.onetrust.com

Subject Issuer	Validity	Valid
orca.security Entrust Certification Authority - L1M	`2023-08-15` - `2024-08-15`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.itstarsbuilding.com Amazon RSA 2048 M01	`2023-07-18` - `2024-08-16`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
try.orca.security Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-16`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-24` - `2024-07-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
6sc.co R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
services.infinigrow.com Amazon RSA 2048 M02	`2023-05-27` - `2024-06-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
algolia.net Sectigo RSA Organization Validation Secure Server CA	`2024-01-04` - `2025-02-02`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Frame ID: 37D4FE3C3AF1A36991D899CD232EBA69
Requests: 211 HTTP requests in this frame

Frame: https://try.orca.security/index.php/form/XDFrame
Frame ID: 468C2400976411B21BBDC1A67495F5FA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=pbu7jsb03tfr
Frame ID: 0106F18AA3DB3C013C1EDCB6C2AB4EAA
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=8wgj82pqw3t3
Frame ID: DD47C409E55501EDE7A0449F7655358F
Requests: 8 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=5hq4tlq&ref=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&upid=wavfaxa&upv=1.1.0
Frame ID: 902B20CF3283924CABED59A56679B8AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Azure HDInsight Privilege Escalation and Denial of Service Vulnerabilities | Orca SecurityBack ButtonFilter Button

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

233
Requests

97 %
HTTPS

57 %
IPv6

32
Domains

49
Subdomains

44
IPs

5
Countries

9346 kB
Transfer

15302 kB
Size

37
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://app.orcasecurity.io/login
Title: Login

Search URL Search Domain Scan URL

URL: https://app.orcasecurity.io/
Title: USA

Search URL Search Domain Scan URL

URL: https://eu.app.orcasecurity.io/
Title: Europe

Search URL Search Domain Scan URL

URL: https://au.app.orcasecurity.io/login
Title: Australia

Search URL Search Domain Scan URL

URL: https://us.gov.app.orcasecurity.io/
Title: US-Gov

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Azure%20HDInsight%3A%20The%20Sequel%20%26%238211%3B%20Unveiling%203%20New%20Vulnerabilities%20That%20Could%20Have%20Led%20to%20Privilege%20Escalations%20and%20Denial%20of%20Service&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/hdinsight/hdinsight-release-notes
Title: October 26th security update

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/hdinsight/hdinsight-upgrade-cluster
Title: Azure HDInsight upgrade instructions

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36419?cve=title
Title: CVE-2023-36419

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38156
Title: CVE-2023-38156

Search URL Search Domain Scan URL

URL: http://utils.java/
Title: Utils.java

Search URL Search Domain Scan URL

URL: https://docs.cloudera.com/HDPDocuments/Ambari-latest/administering-ambari/content/amb_understanding_cluster_roles.html
Title: https://docs.cloudera.com/HDPDocuments/Ambari-latest/administering-ambari/content/amb_understanding_cluster_roles.html

Search URL Search Domain Scan URL

URL: https://github1s.com/apache/oozie/blob/HEAD/core/src/main/java/org/apache/oozie/CoordinatorEngine.java#L372
Title: https://github1s.com/apache/oozie/blob/HEAD/core/src/main/java/org/apache/oozie/CoordinatorEngine.java#L372

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://support.orca.security/
Title: Support

Search URL Search Domain Scan URL

URL: https://trustcenter.orca.security/
Title: Security Portal

Search URL Search Domain Scan URL

URL: https://twitter.com/OrcaSec

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/orca-security/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/orcasecurity

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/orca-security/reviews

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707271697811&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707271697811&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&e_ipv6=AQLCE3aNsU9UEwAAAY2BUrZaDBIGzVI0927clo-fY2qccCKF3Dcd9qW7BXjYHeSH7FB6eOY1

Request Chain 170

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=EubCZduWCrLox_AP2uOMyAI&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThDVlhUWUVPNjBOMENnaUtwQVhjeFY3N3IybDhoSGxJU3VFRmhjZTg2a1dsc3caWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9lRTF5Z1FveVNQZzdFclFCU0YtcVhVZHpHSEtaR0xqX0twMXFyN1UtVk90RGU3cHQ2MnVVdlBRdyITCNvn6tiSmIQDFTL0EQgd2jEDKQ HTTP 302
https://www.google.com/pagead/1p-conversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThDVlhUWUVPNjBOMENnaUtwQVhjeFY3N3IybDhoSGxJU3VFRmhjZTg2a1dsc3caWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9lRTF5Z1FveVNQZzdFclFCU0YtcVhVZHpHSEtaR0xqX0twMXFyN1UtVk90RGU3cHQ2MnVVdlBRdyITCNvn6tiSmIQDFTL0EQgd2jEDKQ&is_vtc=1&ocp_id=EubCZduWCrLox_AP2uOMyAI&cid=CAQSKQAvHhf_x98Wk1o5wM9wrKknCUIiztL3LqF8g041q_63DCscfpIDvRB3&random=1859012405 HTTP 302
https://www.google.de/pagead/1p-conversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThDVlhUWUVPNjBOMENnaUtwQVhjeFY3N3IybDhoSGxJU3VFRmhjZTg2a1dsc3caWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9lRTF5Z1FveVNQZzdFclFCU0YtcVhVZHpHSEtaR0xqX0twMXFyN1UtVk90RGU3cHQ2MnVVdlBRdyITCNvn6tiSmIQDFTL0EQgd2jEDKQ&is_vtc=1&ocp_id=EubCZduWCrLox_AP2uOMyAI&cid=CAQSKQAvHhf_x98Wk1o5wM9wrKknCUIiztL3LqF8g041q_63DCscfpIDvRB3&random=1859012405&ipr=y

Request Chain 210

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=03FC7A029605458D9514BD02300FFDE3&RedC=c.clarity.ms&MXFR=35DDE9119E596AE12C0CFD0F9A59649D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03FC7A029605458D9514BD02300FFDE3&MUID=39A38F6FFA816F17021E9B71FB2D6EA4

233 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ 191 KB
39 KB 1002ms
900ms Document
text/html 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

d493c7b994b930abf394aecaa7b6fef4b1ea45a877fe46ee677fa80e6b9e50d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com .algolianet.com .twitter.com .company-target.com .qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com embedwistia-a.akamaihd.net .wistia.net .onetrust.com .orca.security googleads.g.doubleclick.net .googleusercontent.com .marketo.net orca.security .wp.com .linkedin.com static.ads-twitter.com .hotjar.com stats.g.doubleclick.net t.co .demandbase.com tracking.g2crowd.com .hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com .google.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.com.au .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.com.sg .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com .gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com .bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo .adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com .linkedin.com .algolia.net orca-2024.go-vip.net .6sc.co .6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com .6sc.co .6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com .wistia.net .orca.security googleads.g.doubleclick.net .qualified.com munchkin.marketo.net orca.security .hotjar.com ssl.google-analytics.com static.ads-twitter.com .wp.com .demandbase.com tpc.googlesyndication.com tracking.g2crowd.com .googleapis.com .google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com .google.ca .6sc.co .6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security .orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' .qualified.com fonts.googleapis.com .orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net .wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com .fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com .orca.security .wp.com; media-src 'self' app.qualified.com .wistia.com embedwistia-a.akamaihd.net .wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' .wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: .google.com .adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com .google.com app.qualified.com .opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net .orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com .adsrvr.cn .adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' .orca.security orca.security; manifest-src 'self' orca.security .orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=300, must-revalidate
content-encoding: br
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com *.algolianet.com *.twitter.com *.company-target.com *.qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com embedwistia-a.akamaihd.net *.wistia.net *.onetrust.com *.orca.security googleads.g.doubleclick.net *.googleusercontent.com *.marketo.net orca.security *.wp.com *.linkedin.com static.ads-twitter.com *.hotjar.com stats.g.doubleclick.net t.co *.demandbase.com tracking.g2crowd.com *.hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com *.gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com *.bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo *.adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com *.linkedin.com *.algolia.net orca-2024.go-vip.net *.6sc.co *.6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com *.6sc.co *.6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com *.wistia.net *.orca.security googleads.g.doubleclick.net *.qualified.com munchkin.marketo.net orca.security *.hotjar.com ssl.google-analytics.com static.ads-twitter.com *.wp.com *.demandbase.com tpc.googlesyndication.com tracking.g2crowd.com *.googleapis.com *.google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com *.google.ca *.6sc.co *.6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security *.orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' *.qualified.com fonts.googleapis.com *.orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net *.wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com *.fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com *.orca.security *.wp.com; media-src 'self' app.qualified.com *.wistia.com embedwistia-a.akamaihd.net *.wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' *.wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: *.google.com *.adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com *.google.com app.qualified.com *.opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net *.orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com *.adsrvr.cn *.adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' *.orca.security orca.security; manifest-src 'self' orca.security *.orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 02:08:16 GMT
feature-policy: *
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://orca.security/wp-json/>; rel="https://api.w.org/" <https://orca.security/wp-json/wp/v2/posts/61217>; rel="alternate"; type="application/json" <https://orca.security/?p=61217>; rel=shortlink
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: EXPIRED
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-permitted-cross-domain-policies: none
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 123 243 443
x-xss-protection: 1; mode=block

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/ 12 KB
3 KB 208ms
54ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/OtAutoBlock.js

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f51fac826bb43d5d239f767a2ec88b8da836610fb9cd6960aea9d6e4ffcf0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 59124
content-md5: wAg1rUmqf4PH7EHGj+DLpw==
content-length: 3170
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:30:28 GMT
server: cloudflare
etag: 0x8DBE455156899BB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b09ce5e6-f01e-002b-80cd-21b94f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158b1edb1ca3-FRA
expires: Thu, 08 Feb 2024 02:08:17 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 203ms
49ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dulN1EiikhiO8GlkrdtHlg==
age: 71632
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6838
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:31 GMT
server: cloudflare
etag: 0x8DC2672631E21FF
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b3236ebc-601e-0080-51a9-58c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158b1edc1ca3-FRA

GET
H2 200 7432380ce3d59e6e299bcd0897e20b99.js Show response
euob.itstarsbuilding.com/sxp/i/ 100 KB
37 KB 164ms
37ms Script
text/javascript 2600:9000:214f:9800:8:7bee:ac40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9800:8:7bee:ac40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 85fa9e907131c0a08bd1323f6da094bb52e87d395a4830a494ba3e640ca8a233

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:06:50 GMT
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA53-C1
age: 32489
etag: "18fb4-sCyDjWAy1ChG0sKJs7L0xv0I9Oc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37355
x-amz-cf-id: OyLp9LrHgLUM6fE27KxopSpSgdL2yEUgJhdhOS5uPRPf8eG-3KX4_g==
expires: Wed, 07 Feb 2024 05:06:48 GMT

GET
H2 200 style.min.css
orca.security/wp-includes/css/dist/block-library/ 108 KB
15 KB 114ms
113ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/css/dist/block-library/style.min.css?ver=f5a50cdade277d9240a5a2d9f9f354b6

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec3-1ae43"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 mediaelementplayer-legacy.min.css
orca.security/wp-includes/js/mediaelement/ 11 KB
3 KB 114ms
113ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-2bf8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 wp-mediaelement.min.css
orca.security/wp-includes/js/mediaelement/ 4 KB
1 KB 114ms
113ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=f5a50cdade277d9240a5a2d9f9f354b6

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-105a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 algolia-theme.css
orca.security/wp-content/themes/orca-2023/dist/css/ 22 KB
5 KB 114ms
113ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/css/algolia-theme.css?ver=3d63cbaa5be84ba84c2f

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb8189d5d2e3f2f0e73091ea2f1751bfb4e493de73849950bfa5e66fc0d616e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65c238f6-56e6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 frontend.css
orca.security/wp-content/themes/orca-2023/dist/css/ 387 KB
50 KB 114ms
114ms Stylesheet
text/css 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62b094c8c6de4d9922f7df6ce3ef08cd6945cb34700145c37dd4e4fb8b324687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65c238f6-60d18"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
orca.security/wp-includes/js/jquery/ 86 KB
31 KB 114ms
114ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-15601"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 jquery-migrate.min.js Show response
orca.security/wp-includes/js/jquery/ 13 KB
5 KB 115ms
114ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-3509"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 logo-fully-white.svg
orca.security/wp-content/uploads/2021/07/ 6 KB
6 KB 56ms
44ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/07/logo-fully-white.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e6d5bb155c0f8d862a1ce1cef045b3762649307c88a2543d6f76a4b735523855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Wed, 29 Nov 2023 09:17:59 GMT
server: nginx
etag: "bb7bbd21415442da"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 5986

GET
H2 200 orca-security-logo-color-1.svg
orca.security/wp-content/uploads/2023/11/ 3 KB
4 KB 56ms
45ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/11/orca-security-logo-color-1.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1039079733f5bd1fb167a570c65e6843547b9380c8d45d3ec3ba665a9dc15e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Wed, 29 Nov 2023 09:25:48 GMT
server: nginx
etag: "58364109b6fae5f6"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 3495

GET
H2 200 avatar-lidor-ben.png
orca.security/wp-content/uploads/2022/01/ 9 KB
9 KB 65ms
64ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2022/01/avatar-lidor-ben.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb971e0c3bf577f2fb1e39766e5861285ecb849467cfe3ed64252430cc95c5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 14:11:38 GMT
server: nginx
etag: "6b3d82c0eba8530d"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 9438

GET
H2 200 Blog_Azure-HDInsights-Sequel_Cover.jpg
orca.security/wp-content/uploads/2023/12/ 78 KB
78 KB 66ms
65ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/12/Blog_Azure-HDInsights-Sequel_Cover.jpg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e728b459fb488fd5423a93f76b91d0b70689589ece46c379d76ab4364b4fc1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Tue, 06 Feb 2024 15:46:11 GMT
server: nginx
etag: "f2e345bca7d6eb8e"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 80012

GET
H2 200 image-155.png
orca.security/wp-content/uploads/2024/01/ 31 KB
32 KB 65ms
65ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-155.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84f3868dfda36ec5d88581f12edd89db12804a4ddaa40789b6a4b3872202a5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 144 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "44d13bcafde5ab05"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 32252

GET
H2 200 image-156.png
orca.security/wp-content/uploads/2024/01/ 70 KB
70 KB 55ms
41ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-156.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b032706fdf93ea01a6a7e5788f4269c4fba9184967cdb055f831d265b6ab925e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Tue, 06 Feb 2024 15:46:20 GMT
server: nginx
etag: "f7aff8f9de430ad8"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 71564

GET
H2 200 image-406.png
orca.security/wp-content/uploads/2024/01/ 99 KB
99 KB 55ms
42ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-406.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1ede50389f3f336c156d47a0d369cac251fbb9e176939ff0ad4f752f94b87296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 16:04:31 GMT
server: nginx
etag: "350f5cedcd2d32f2"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 101510

GET
H2 200 image-407.png
orca.security/wp-content/uploads/2024/01/ 19 KB
20 KB 69ms
58ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-407.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4434d44d437a163408220aa8e2885f8ffd90a179cd9cfb2d321e1dfd29b6bbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "b9f8cc5f64ad763a"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 19796

GET
H2 200 image-408.png
orca.security/wp-content/uploads/2024/01/ 25 KB
25 KB 57ms
46ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-408.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e58578e20d1c6f8bbb0587a4843e49b806704e5cd346c10ebe93f418d1814ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:21 GMT
server: nginx
etag: "9a31a61945582eba"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 25708

GET
H2 200 image-409.png
orca.security/wp-content/uploads/2024/01/ 59 KB
59 KB 61ms
50ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-409.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9427d52ab5fb6d550d7d77b8d2ca2890a3b55121f26c71cd081ac031e2c16c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Tue, 06 Feb 2024 15:46:19 GMT
server: nginx
etag: "99090f461c19918e"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 60066

GET
H2 200 image-410.png
orca.security/wp-content/uploads/2024/01/ 24 KB
24 KB 114ms
103ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-410.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9d2e1f7c74ee7d8f55624dba11806f1e94e7fe5770232429bf37247a7bdf5a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Tue, 06 Feb 2024 15:46:11 GMT
server: nginx
etag: "2bcba4fea7b0cc73"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 24798

GET
H2 200 image-411.png
orca.security/wp-content/uploads/2024/01/ 36 KB
36 KB 115ms
104ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-411.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9fe294dd92bae24a09f466290e3daf5dbebb6a2dfed460c72b2d4ec8fefd337d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 32 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "f40701dcf9fb7438"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 36856

GET
H2 200 image-412.png
orca.security/wp-content/uploads/2024/01/ 26 KB
26 KB 115ms
104ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-412.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

915387bf75776249ae1c1be9429669d5120eaf4592d77fe3ec18bb67365080be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Tue, 06 Feb 2024 15:46:11 GMT
server: nginx
etag: "a6d8702f14fba80e"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 26490

GET
H2 200 image-413.png
orca.security/wp-content/uploads/2024/01/ 29 KB
29 KB 115ms
104ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-413.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2cfeefc415877d8864e9c4f1b95d3785297407cf7a8cf5d90d2c6fda421a41d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 16:04:30 GMT
server: nginx
etag: "4e53d2ebb0f52d00"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 29698

GET
H2 200 image-414.png
orca.security/wp-content/uploads/2024/01/ 13 KB
13 KB 115ms
104ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-414.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

383077e47cf3dbb3c42bbde97294c69f704d251c0c0eb5ab839b87c7565aff79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 06 Feb 2024 15:39:21 GMT
server: nginx
etag: "1983b84606ca406e"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 13494

GET
H2 200 image-415.png
orca.security/wp-content/uploads/2024/01/ 72 KB
72 KB 103ms
93ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-415.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

00d983ce9c2db4c5f5672f77a5a3e10c609e9ad4148aa89ec3df51f2dc1e779b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 198 443
last-modified: Tue, 06 Feb 2024 15:46:19 GMT
server: nginx
etag: "b96e14a2654f4f8f"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 73242

GET
H2 200 image-416.png
orca.security/wp-content/uploads/2024/01/ 60 KB
60 KB 104ms
93ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-416.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62a3262aea8befe6e0ebdbe600be46e7396cb297b11755482776ec78b8d2765f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "5b834b6e4d1ac323"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 61558

GET
H2 200 image-417.png
orca.security/wp-content/uploads/2024/01/ 22 KB
22 KB 115ms
104ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-417.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

99ebee226746d25c55a25ea2d9a4b8d1d28893fabbcda92ae7a3adb648ec25aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "d7d078c56e6e100a"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 22564

GET
H2 200 image-418.png
orca.security/wp-content/uploads/2024/01/ 48 KB
48 KB 115ms
105ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-418.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

04d9098bdbd3c1231d3dc51643ff72785b9fa919676cda7936ca24433d144232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "9710acb2b35344d7"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 48988

GET
H2 200 image-419.png
orca.security/wp-content/uploads/2024/01/ 67 KB
67 KB 116ms
106ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-419.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0b4f9731e356605b5e26444de20bc8c2a5295e5e3359bb76b6006d25536b8da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 32 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "2f47a282abe45c72"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 68204

GET
H2 200 image-420.png
orca.security/wp-content/uploads/2024/01/ 295 KB
295 KB 103ms
93ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-420.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b185aaeb02a3922c60ee4489b5e29072f370bbb27462a35a8443c53f2bf9ef62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Tue, 06 Feb 2024 16:04:30 GMT
server: nginx
etag: "1cb288d10547ffd3"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 301632

GET
H2 200 image-421.png
orca.security/wp-content/uploads/2024/01/ 34 KB
34 KB 115ms
105ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-421.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f5f4037aae149a7ecc7f0ac0aacc4389181ca29b8232ced5423faf71229367e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "026756a48af49ca1"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 34356

GET
H2 200 image-422.png
orca.security/wp-content/uploads/2024/01/ 232 KB
232 KB 103ms
94ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-422.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6bb7efba5e9e1282a6ad4b644f5ba3fa12578664f28a4019b0d1cfcda3c5dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Tue, 06 Feb 2024 19:19:44 GMT
server: nginx
etag: "4d158fbf8c9c8484"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 237390

GET
H2 200 image-423.png
orca.security/wp-content/uploads/2024/01/ 219 KB
219 KB 103ms
94ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-423.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62c361119951ce313444e6c5e1ef241e3a12dc43f88bfb25dddd304cefef913e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 16:04:31 GMT
server: nginx
etag: "6c2df6d888c25de4"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 223992

GET
H2 200 image-424.png
orca.security/wp-content/uploads/2024/01/ 358 KB
359 KB 103ms
94ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-424.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb42ca94cfebcec64f4c5f01a67af01b6ac1fb851e2b97e3cf30d3bd7093d2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Tue, 06 Feb 2024 15:46:20 GMT
server: nginx
etag: "3605cfb6d89c195f"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 366562

GET
H2 200 image-425.png
orca.security/wp-content/uploads/2024/01/ 19 KB
19 KB 115ms
105ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-425.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

585bdce5d5518653bacf3e7ed038370ea4974eef6ecc8647bd0107a50b771d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "f116e5a4d3a3dbb5"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 19462

GET
H2 200 image-426.png
orca.security/wp-content/uploads/2024/01/ 10 KB
10 KB 114ms
105ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-426.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e24bd3998ec466450d4bba6e92f351a8a429369148f2697e9ee33d26cbcab364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 86 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "0f3df26f6bf34c97"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 9926

GET
H2 200 image-427.png
orca.security/wp-content/uploads/2024/01/ 14 KB
14 KB 114ms
105ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-427.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5b142c8284409f7a1c6a7d89ad708ff0548be568b43816a721f8e30daec476ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Tue, 06 Feb 2024 19:18:55 GMT
server: nginx
etag: "9f7686bc1e6b0c15"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 14372

GET
H2 200 image-428.png
orca.security/wp-content/uploads/2024/01/ 61 KB
62 KB 115ms
106ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-428.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d3b51c510f7d2a3ee7c9e1990c712879db89bc8bac614b30add22f61b74d2a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 30 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "1e877c1453d7c8e7"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 62910

GET
H2 200 image-429.png
orca.security/wp-content/uploads/2024/01/ 53 KB
53 KB 115ms
106ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-429.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0de9d165bf18a8f6c290ad0b391528bb7dca74732479dd3c46a8c4d9f6846235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "9af940eda3441155"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 53848

GET
H2 200 image-430.png
orca.security/wp-content/uploads/2024/01/ 48 KB
49 KB 114ms
106ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-430.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2362a00c5e70fc5a375f7d6ec03e9f1c6a44fff4a192023289aaa962a634ff17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "baa3e2111cd5c5a2"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 49498

GET
H2 200 image-431.png
orca.security/wp-content/uploads/2024/01/ 639 KB
640 KB 103ms
94ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-431.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2923c81904d1122f9d03aaa1315f3ab9767da4904bded7d776e6c8d6e7bc49e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Tue, 06 Feb 2024 15:46:19 GMT
server: nginx
etag: "af9395869a98f229"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 654368

GET
H2 200 image-432.png
orca.security/wp-content/uploads/2024/01/ 259 KB
259 KB 103ms
95ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-432.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1c430e4f8fdef1e696462cf37f9f258a960cb2295029cee4831461f5cafe9e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "59d30b3a6173b71c"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 265094

GET
H2 200 image-433.png
orca.security/wp-content/uploads/2024/01/ 53 KB
54 KB 103ms
95ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-433.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f9058b22f0c28da12ce86e24e517793315a78f2f4891d2674c4b70f6ceb8e481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Tue, 06 Feb 2024 16:04:30 GMT
server: nginx
etag: "e8190d82f7ea25ad"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 54526

GET
H2 200 image-448.png
orca.security/wp-content/uploads/2024/01/ 55 KB
56 KB 103ms
95ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-448.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ff2fcb47c87bece8773122f01642ca316eddf106d8d2667000d2ac2963f1f29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 16:04:30 GMT
server: nginx
etag: "02d5443a1f483c06"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 56754

GET
H2 200 image-449.png
orca.security/wp-content/uploads/2024/01/ 21 KB
21 KB 115ms
107ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-449.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c42c95c9fc7fe1aa2b76664feba1a262a2219640e7aded249408a579b5b7442d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "fb766b66877dba92"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 21626

GET
H2 200 image-450.png
orca.security/wp-content/uploads/2024/01/ 103 KB
103 KB 103ms
95ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-450.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e20c96db83bf094914b664379f2064d1ff98163d2edebc7b955374de2875f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 140 443
last-modified: Tue, 06 Feb 2024 23:20:55 GMT
server: nginx
etag: "1d5f46c28652931e"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 105126

GET
H2 200 image-451.png
orca.security/wp-content/uploads/2024/01/ 5 KB
5 KB 114ms
106ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-451.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7b2c4427c0d8ccd45a7d3381a13801a6cbe8576c81584fbcf6d823149560d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "d77f924896020d65"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 5114

GET
H2 200 image-452.png
orca.security/wp-content/uploads/2024/01/ 233 KB
234 KB 103ms
95ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-452.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a9b39333ce603a1ceda459502309beb189da55aae93fa92ff7c41f9fab8fa0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 86 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "9e1192a5b6961274"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 238660

GET
H2 200 image-453.png
orca.security/wp-content/uploads/2024/01/ 209 KB
210 KB 103ms
96ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-453.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eced1a4c85eefaadd56a75120dff397474d171e7f24b0ffff7a98ac426e42ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 16:04:31 GMT
server: nginx
etag: "f1171079d0ffa963"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 214510

GET
H2 200 image-454.png
orca.security/wp-content/uploads/2024/01/ 32 KB
32 KB 114ms
107ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-454.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dcb295c8fe68cee7b5f3ba9cc489f9a2d88d11d4612777ef0609a3c5f38935f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Tue, 06 Feb 2024 15:46:11 GMT
server: nginx
etag: "bb319a0438e2a32c"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 32446

GET
H2 200 image-455.png
orca.security/wp-content/uploads/2024/01/ 212 KB
212 KB 103ms
96ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-455.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a2a4e488576ac609d10813578e0b7f7406dbec79b73d3e07743e6a892c28e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 196 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "42f6455ed01229cd"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 216922

GET
H2 200 image-456.png
orca.security/wp-content/uploads/2024/01/ 28 KB
29 KB 114ms
107ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-456.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f6016ce7fb7938e9118e1a0d29a1388f5aaa0b25bf7f65df70fb3e31422d0465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 28 443
last-modified: Tue, 06 Feb 2024 16:04:30 GMT
server: nginx
etag: "9c675b4d0b66cf90"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 29120

GET
H2 200 image-457.png
orca.security/wp-content/uploads/2024/01/ 72 KB
72 KB 103ms
96ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-457.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c40e7ca259f84db3323098c01530bb15eff259c388fbc93b41f9c3c5b335c6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Tue, 06 Feb 2024 15:46:19 GMT
server: nginx
etag: "925e2f77996e8847"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 73838

GET
H2 200 image-458.png
orca.security/wp-content/uploads/2024/01/ 304 KB
304 KB 103ms
96ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-458.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9f8b438d6e93fb1a7708d7de42b01e96b8b187fe5a717689dd0bc2847fdcb8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Tue, 06 Feb 2024 15:46:20 GMT
server: nginx
etag: "0fdb9dbf195f820b"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 311072

GET
H2 200 image-459.png
orca.security/wp-content/uploads/2024/01/ 20 KB
20 KB 104ms
97ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-459.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

943127a312607490e9c6f19d006cc14acc56c8d7946eb8650921416a4fc0a6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "e40a7ab1b8207e42"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 20254

GET
H2 200 image-460.png
orca.security/wp-content/uploads/2024/01/ 36 KB
36 KB 103ms
96ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-460.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2427db0a446c20e1d51d94c99803c2b60f7f0130b3d04117b9cfe61be77ad09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 86 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "244d5e59af42b2c8"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 36834

GET
H2 200 image-461.png
orca.security/wp-content/uploads/2024/01/ 25 KB
25 KB 103ms
97ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-461.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e58578e20d1c6f8bbb0587a4843e49b806704e5cd346c10ebe93f418d1814ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Tue, 06 Feb 2024 19:19:43 GMT
server: nginx
etag: "aa882b4cf2759588"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 25708

GET
H2 200 image-462.png
orca.security/wp-content/uploads/2024/01/ 59 KB
59 KB 103ms
97ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-462.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9427d52ab5fb6d550d7d77b8d2ca2890a3b55121f26c71cd081ac031e2c16c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 32 443
last-modified: Tue, 06 Feb 2024 15:39:23 GMT
server: nginx
etag: "f55993436a62c840"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 60066

GET
H2 200 image-463.png
orca.security/wp-content/uploads/2024/01/ 24 KB
24 KB 114ms
107ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-463.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9d2e1f7c74ee7d8f55624dba11806f1e94e7fe5770232429bf37247a7bdf5a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Tue, 06 Feb 2024 16:04:30 GMT
server: nginx
etag: "effb76712858e3f9"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 24798

GET
H2 200 image-464.png
orca.security/wp-content/uploads/2024/01/ 36 KB
36 KB 104ms
97ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-464.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bee7c68dfa7f1cd2d606bf22dc1710ff295a7c842c4fcd6f165c3398b20b30c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 86 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "fc2cc89bdb3c625e"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 37012

GET
H2 200 image-465.png
orca.security/wp-content/uploads/2024/01/ 40 KB
40 KB 104ms
97ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-465.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

baa629af82ac18d562be09963b07752911c5fbddd40ddeeac82cd4cad9e0b0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Tue, 06 Feb 2024 19:19:43 GMT
server: nginx
etag: "e2c8d9c4b60f79c4"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 40856

GET
H2 200 image-466.png
orca.security/wp-content/uploads/2024/01/ 163 KB
163 KB 104ms
98ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-466.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b91cff392fbdad472a9d7da3966552ed21b1f419be23e207f34ce15b6f87085f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 200 443
last-modified: Tue, 06 Feb 2024 15:46:19 GMT
server: nginx
etag: "3882e3f3f2691497"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 166494

GET
H2 200 image-467.png
orca.security/wp-content/uploads/2024/01/ 414 KB
415 KB 104ms
98ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-467.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e65632b8cb6ac743d81953df761e8dd233cf7bf18bc179153180d0ce3bcef65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:23 GMT
server: nginx
etag: "29f750b52697cf20"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 424184

GET
H2 200 image-468.png
orca.security/wp-content/uploads/2024/01/ 219 KB
220 KB 104ms
98ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-468.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

be168a37f181bb9e9da6ac774305a1caafd8f60b774db0adab0c19cc4a9e2d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Tue, 06 Feb 2024 15:46:21 GMT
server: nginx
etag: "e36a3618246a0dea"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 224460

GET
H2 200 image-469.png
orca.security/wp-content/uploads/2024/01/ 190 KB
191 KB 113ms
107ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/image-469.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

54fc4e136dd938397d9004a9439be45964418fe04af69e90c60cc4107718fb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 15:39:22 GMT
server: nginx
etag: "daad14bdca6555c9"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 195016

GET
H2 200 ghms147sad.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 417ms
287ms Script
application/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ghms147sad.jsonp

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c26d64f0a485a7ab0ec09606b78be9b3d1383afff6efde548b386f939122984c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
x-player-privacy-mode: 1
x-content-type-options: nosniff
strict-transport-security: max-age=0
content-encoding: br
x-permitted-cross-domain-policies: none
via: 1.1 20f0d9cf6610f77242f5c592d2ecfd1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
age: 38361
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 224
content-length: 1742
x-request-id: 859c2998-6d57-4e32-b2d6-d2a16c20c671
x-served-by: cache-iad-kiad7000046-IAD, cache-sof1510030-SOF
x-runtime: 0.221310
x-browser-version: 121
server: envoy
x-timer: S1707271697.346513,VS0,VE112
etag: W/"c26d64f0a485a7ab0ec09606b78be9b3"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xpNxQcKTWSGgAxUv0iGJc8K-zZl8hBapVdpqj566FHoG8ti6p5ZQSQ==
x-cache-hits: 81, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 764 KB
127 KB 189ms
60ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

567e9e8ca7d0f6f245c1f6dc1c4bc2684fc9c50a12ae88af7c202d990d8163cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1142
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 130334
x-served-by: cache-iad-kjyo7100038-IAD, cache-sof1510030-SOF
x-browser-version: 121
last-modified: Tue, 06 Feb 2024 20:48:11 GMT
server: AmazonS3
x-timer: S1707271697.346496,VS0,VE0
etag: "6654e0752cd330c541b11083d06e8056"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5e0b4d0e73854d17e0336093d1241067c538a663
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 82, 37

GET
H2 200 swatch
fast.wistia.com/embed/medias/ghms147sad/ 2 KB
3 KB 416ms
287ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/ghms147sad/swatch

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a27830e6bf605d0f7701f45b9e8cb7232b33b9eae671c595497129675c15b496

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
access-control-request-method: *
via: 1.1 9a7233ae68a3338294c89b1bf53bc426.cloudfront.net (CloudFront), 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD61-P2, IAD89-C3
age: 40334
edge-cache-tag: 47d08a26e99ba844823f5bf420db70ad532f5db5
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 210
content-disposition: inline
content-length: 2271
x-served-by: cache-iad-kcgs7200128-IAD, cache-sof1510030-SOF
x-browser-version: 121
last-modified: Thu, 07 Dec 2023 04:40:52 UTC
server: envoy
x-timer: S1707271697.346487,VS0,VE110
etag: 14qaLcRLrKogPzl6KYZvfFWP_3s=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Icd7gIAz2Gfm2r88wdbHohqJaE-Tt_H1ymbkAcyqlGDLsN7ElIn-vA==
x-cache-hits: 11, 0

GET
H2 200 featured-blue.svg
orca.security/wp-content/themes/orca-2023/assets/svg/ 1 KB
1 KB 104ms
98ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/svg/featured-blue.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7347c2b3c0649df0a10fdd68d29cc0ff17a250992a2f5f5cce375f71a9aa8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"655224b2-5a9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 featured-white.svg
orca.security/wp-content/themes/orca-2023/assets/svg/ 592 B
633 B 104ms
99ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/svg/featured-white.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f88eb9b6ea2ddecf6dab3e397c92e757e562f78dad657c7c96ba193966abea32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"655224b2-250"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 avatar_bar-kaduri.png
orca.security/wp-content/uploads/2022/01/ 11 KB
12 KB 104ms
99ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2022/01/avatar_bar-kaduri.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06fbf76bf46d824c5ff33fdddbaebc08954ed04c125ddb8c7f210309fcd4c88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Tue, 06 Feb 2024 09:22:59 GMT
server: nginx
etag: "0eec4d6449895fb3"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 11748

GET
H2 200 avatar_orca_Deborah-Galea.png
orca.security/wp-content/uploads/2021/11/ 6 KB
6 KB 104ms
99ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/11/avatar_orca_Deborah-Galea.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b2b83686b998dca41fa8259ef256b506f1182507b7d2cf8740a506c4acc4189f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 140 443
last-modified: Tue, 06 Feb 2024 13:34:35 GMT
server: nginx
etag: "c53dc858e9696975"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 6064

GET
H2 200 Platform-Demo-Dashboard.png
orca.security/wp-content/uploads/2023/12/ 197 KB
198 KB 113ms
108ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/12/Platform-Demo-Dashboard.png?resize=2048,1291

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

005399c6c3716a18a1225732e29d7dcce77c8a093021161c0e00f4d6dda7e442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 30 443
last-modified: Tue, 06 Feb 2024 09:08:06 GMT
server: nginx
etag: "920afb5db92493b5"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 202186

GET
H2 200 forms2.min.js Show response
try.orca.security/js/forms2/js/ 199 KB
67 KB 596ms
149ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "2660616-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 8518158e4fa058d8-TXL

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 764 KB
128 KB 181ms
52ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js?ver=0.1.0

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

567e9e8ca7d0f6f245c1f6dc1c4bc2684fc9c50a12ae88af7c202d990d8163cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1142
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 130334
x-served-by: cache-iad-kjyo7100038-IAD, cache-sof1510030-SOF
x-browser-version: 121
last-modified: Tue, 06 Feb 2024 20:48:11 GMT
server: AmazonS3
x-timer: S1707271697.346146,VS0,VE0
etag: "6654e0752cd330c541b11083d06e8056"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5e0b4d0e73854d17e0336093d1241067c538a663
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 82, 36

GET
H2 200 wp-polyfill-inert.min.js Show response
orca.security/wp-includes/js/dist/vendor/ 8 KB
3 KB 54ms
41ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec3-1feb"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 regenerator-runtime.min.js Show response
orca.security/wp-includes/js/dist/vendor/ 6 KB
3 KB 55ms
42ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec3-19e1"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 wp-polyfill.min.js Show response
orca.security/wp-includes/js/dist/vendor/ 112 KB
36 KB 55ms
42ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec3-1c1b7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 hooks.min.js Show response
orca.security/wp-includes/js/dist/ 5 KB
2 KB 55ms
43ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec4-1213"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 i18n.min.js Show response
orca.security/wp-includes/js/dist/ 9 KB
4 KB 55ms
43ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-24e5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 url.min.js Show response
orca.security/wp-includes/js/dist/ 9 KB
4 KB 56ms
43ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/url.min.js?ver=b4979979018b684be209

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:20 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65b94ec4-259d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 api-fetch.min.js Show response
orca.security/wp-includes/js/dist/ 5 KB
3 KB 56ms
43ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-includes/js/dist/api-fetch.min.js?ver=0fa4dabf8bf2c7adf21a

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

01c0908883c6fbc352a302170f1a8863b306b4f71cc11daea1da4c37f6d0acc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 30 Jan 2024 19:32:19 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"65b94ec3-1510"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 frontend.js Show response
orca.security/wp-content/themes/orca-2023/dist/js/ 117 KB
35 KB 56ms
44ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/js/frontend.js?ver=6df12e57908ee89c36db

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

81cf9d1b824e048e06d4527737e0fed697c5c508620da288ad24a0df22ebca21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65c238f6-1d407"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 top-nav-search-algolia.js Show response
orca.security/wp-content/themes/orca-2023/dist/js/ 197 KB
48 KB 56ms
44ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/js/top-nav-search-algolia.js?ver=cdaff79ecccd0bdb94e6

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

db1871ffa95c0cf965a3c672a924d2122a1faaf164961b82bc7b1b3273385a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65c238f6-3141f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 e-202406.js Show response
stats.wp.com/ 7 KB
3 KB 127ms
42ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202406.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 03 Feb 2025 14:06:59 GMT

GET
H2 200 front.js Show response
orca.security/wp-content/plugins/code-block-pro/build/front/ 6 KB
3 KB 56ms
45ms Script
application/javascript 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/code-block-pro/build/front/front.js?ver=3753b142d9458e73e42a

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

72890f0cab51943c86cf1a54bbaf6486496c5244846dfa32169858fa19ddd6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Fri, 02 Feb 2024 19:35:16 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65bd43f4-1810"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 a3c4add2-fbd3-4f71-9383-50362de53378.json Show response
cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/ 5 KB
2 KB 140ms
58ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/a3c4add2-fbd3-4f71-9383-50362de53378.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160dfc817c65edbb6c32670c6434046ad7ab624ac9bcfd9c1aa6694f3c922483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16741
content-md5: Vkyox7nSV1/GNQmPlms2oA==
content-length: 1794
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:30:28 GMT
server: cloudflare
etag: 0x8DBE455153C8775
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3933e36a-401e-003e-31ad-21aefc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158bfcf85d8d-FRA
expires: Thu, 08 Feb 2024 02:08:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
97 KB 146ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa27a7e4dadb5bba785cf325bc37f2be82be36b93d53efec5e3c1cd185b05bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99086
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 00:09:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 02:08:17 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 167ms
51ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 02:08:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
DATA 200
OK truncated
/ 482 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c01c3ea6d9369a98891f5f9bc59955329dc6df20da11121a935c24fa2b27ccd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd967e1dbbe051fd7cc1029643231f25794da1cfabaa31efeae11c019c3d0e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 research-pod-pattern.svg
orca.security/wp-content/themes/orca-2023/dist/svg/ 15 KB
2 KB 94ms
94ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/svg/research-pod-pattern.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7babae28966f56b9b1c0a4ddb58fd902dbbc5e08faa3c6db5605d7ec5b6380f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"65c238f6-3d38"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 404 orca-research-pod.svg
orca.security/wp-content/themes/orca-2023/dist/images/ 99 KB
99 KB 850ms
850ms Image
text/html 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/images/orca-research-pod.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

53f47324b4d0e63d370b1469fd420ea4ee200e1a4cb98682f43904b39fe37545

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com .algolianet.com .twitter.com .company-target.com .qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com embedwistia-a.akamaihd.net .wistia.net .onetrust.com .orca.security googleads.g.doubleclick.net .googleusercontent.com .marketo.net orca.security .wp.com .linkedin.com static.ads-twitter.com .hotjar.com stats.g.doubleclick.net t.co .demandbase.com tracking.g2crowd.com .hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com .google.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.com.au .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.com.sg .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com .gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com .bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo .adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com .linkedin.com .algolia.net orca-2024.go-vip.net .6sc.co .6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com .6sc.co .6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com .wistia.net .orca.security googleads.g.doubleclick.net .qualified.com munchkin.marketo.net orca.security .hotjar.com ssl.google-analytics.com static.ads-twitter.com .wp.com .demandbase.com tpc.googlesyndication.com tracking.g2crowd.com .googleapis.com .google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com .google.ca .6sc.co .6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security .orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' .qualified.com fonts.googleapis.com .orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net .wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com .fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com .orca.security .wp.com; media-src 'self' app.qualified.com .wistia.com embedwistia-a.akamaihd.net .wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' .wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: .google.com .adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com .google.com app.qualified.com .opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net .orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com .adsrvr.cn .adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' .orca.security orca.security; manifest-src 'self' orca.security .orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
date: Wed, 07 Feb 2024 02:08:18 GMT
content-security-policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com *.algolianet.com *.twitter.com *.company-target.com *.qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com embedwistia-a.akamaihd.net *.wistia.net *.onetrust.com *.orca.security googleads.g.doubleclick.net *.googleusercontent.com *.marketo.net orca.security *.wp.com *.linkedin.com static.ads-twitter.com *.hotjar.com stats.g.doubleclick.net t.co *.demandbase.com tracking.g2crowd.com *.hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com *.gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com *.bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo *.adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com *.linkedin.com *.algolia.net orca-2024.go-vip.net *.6sc.co *.6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com *.6sc.co *.6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net *.wistia.com *.wistia.net *.orca.security googleads.g.doubleclick.net *.qualified.com munchkin.marketo.net orca.security *.hotjar.com ssl.google-analytics.com static.ads-twitter.com *.wp.com *.demandbase.com tpc.googlesyndication.com tracking.g2crowd.com *.googleapis.com *.google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com *.clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com *.google.ca *.6sc.co *.6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security *.orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' *.qualified.com fonts.googleapis.com *.orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net *.wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com *.fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com *.orca.security *.wp.com; media-src 'self' app.qualified.com *.wistia.com embedwistia-a.akamaihd.net *.wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' *.wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: *.google.com *.adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com *.google.com app.qualified.com *.opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net *.orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com *.adsrvr.cn *.adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' *.orca.security orca.security; manifest-src 'self' orca.security *.orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;includeSubdomains;preload
content-encoding: br
x-permitted-cross-domain-policies: none
x-powered-by: WordPress VIP <https://wpvip.com>
x-cache: EXPIRED
host-header: a9130478a60e5f9135f765b23f26593b
x-xss-protection: 1; mode=block
x-rq: hhn1 123 243 443
referrer-policy: no-referrer
server: nginx
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: max-age=31536000
feature-policy: *
link: <https://orca.security/wp-json/>; rel="https://api.w.org/"

GET
H2 200 mulish-v12-latin-500.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 93ms
92ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-500.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

faf6e6e3573dc6f4be5e7efe63ccd97dbe4b5a63de4ca70f8587566ca91063e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
etag: "655224b2-2bb4"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11188

GET
H2 200 mulish-v12-latin-regular.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 93ms
92ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-regular.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
etag: "655224b2-2be0"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11232

GET
H2 200 mulish-v12-latin-600.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 93ms
93ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-600.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

39a40c3f9c0f4b126a8484a03da4f80f6eee667072e86015a425c814e8843b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
etag: "655224b2-2bf0"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11248

GET
H2 200 manrope-v13-latin-500.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/manrope/ 13 KB
13 KB 92ms
92ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/manrope/manrope-v13-latin-500.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

45bc49e6099227777b8bc79c88e210c2c53a530c40b3ab0141a25b1f15b581fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
etag: "655224b2-3460"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13408

GET
H2 200 orca.ttf
orca.security/wp-content/themes/orca-2023/assets/fonts/orca/ 5 KB
3 KB 92ms
92ms Font
application/font-ttf 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/orca/orca.ttf

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7b205f4a91ffaf2772eacbe701f3a4072c0875e6749b28ba1eecad9906fb8f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"655224b2-125c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/font-ttf
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 mulish-v12-latin-700.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 35 KB
35 KB 93ms
92ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-700.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

363afd630a0ffee17e99b5becafd03af75e353cee12162b372b8c921fb70fb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
etag: "655224b2-8c84"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35972

GET
H2 200 sys-all-real-world-blog-1980.png
orca.security/wp-content/uploads/2024/01/ 105 KB
105 KB 74ms
73ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/sys-all-real-world-blog-1980.png?w=364

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5359c1effe74a75b7c56aadedaf40fc347e4803ed40b48ba21b5a2b89b9c5adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Tue, 06 Feb 2024 08:22:47 GMT
server: nginx
etag: "776ce099950c6870"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 107396

GET
H2 200 sys-all-risk-blog-1980.png
orca.security/wp-content/uploads/2024/01/ 111 KB
111 KB 74ms
73ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2024/01/sys-all-risk-blog-1980.png?w=364

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

615fb10a6705cadeb9a62d38cefbc3e3c745366e69536c0e4bb18d0c0bff8e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 88 443
last-modified: Tue, 06 Feb 2024 08:40:48 GMT
server: nginx
etag: "6f7e04365086d7ca"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 113564

GET
H2 200 BLOG-3-Cloud-Security-Threats-to-Watch-1980px.jpg
orca.security/wp-content/uploads/2023/12/ 38 KB
38 KB 74ms
73ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/12/BLOG-3-Cloud-Security-Threats-to-Watch-1980px.jpg?w=364

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ad21910ff0e53c0df3de8960e92cd8f245cef49bf51506f2e0c993d30b7adf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 32 443
last-modified: Tue, 06 Feb 2024 08:29:04 GMT
server: nginx
etag: "cf25fe08bac22832"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 38934

GET
H2 200 blog_generic_tile.jpg
orca.security/wp-content/uploads/2021/03/ 3 KB
4 KB 74ms
73ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2021/03/blog_generic_tile.jpg?w=362

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0542c5a98349aa30b87a9923c5ccb2dc35014ecf902e82c8e32faec9e4ac3751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Tue, 06 Feb 2024 08:50:37 GMT
server: nginx
etag: "4c5e7ddb799a432b"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 3542

GET
H2 200 Blog-graphic_Orca-Gartner-CIEM-Report_Feature.jpg
orca.security/wp-content/uploads/2023/05/ 5 KB
5 KB 74ms
73ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/05/Blog-graphic_Orca-Gartner-CIEM-Report_Feature.jpg?w=364

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9a468175191421dd4614dc35cc6209983abdf4691f0eb73c9e622b734d45a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Tue, 06 Feb 2024 08:50:37 GMT
server: nginx
etag: "67cd02998bd5ef90"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 4974

GET
H2 200 Blog-graphic_Tag-Cyber-Report-2023_Feature.jpg
orca.security/wp-content/uploads/2023/08/ 9 KB
9 KB 74ms
74ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/08/Blog-graphic_Tag-Cyber-Report-2023_Feature.jpg?w=364

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

16f11b299f5229f0087fc6c3ef30e126342f7749b8c5f49b9bd7228064e460a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 83 443
last-modified: Tue, 06 Feb 2024 08:22:48 GMT
server: nginx
etag: "aed2867376a40e1f"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 8946

GET
H2 200 featured-blue.svg
orca.security/wp-content/themes/orca-2023/assets/svg/ 1 KB
1 KB 71ms
70ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/svg/featured-blue.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7347c2b3c0649df0a10fdd68d29cc0ff17a250992a2f5f5cce375f71a9aa8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
x-rq: hhn1 123 242 443
etag: W/"655224b2-5a9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 featured-white.svg
orca.security/wp-content/themes/orca-2023/assets/svg/ 592 B
633 B 71ms
71ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/svg/featured-white.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f88eb9b6ea2ddecf6dab3e397c92e757e562f78dad657c7c96ba193966abea32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
x-rq: hhn1 123 243 443
etag: W/"655224b2-250"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 avatar_bar-kaduri.png
orca.security/wp-content/uploads/2022/01/ 11 KB
12 KB 71ms
71ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2022/01/avatar_bar-kaduri.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06fbf76bf46d824c5ff33fdddbaebc08954ed04c125ddb8c7f210309fcd4c88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 84 443
last-modified: Tue, 06 Feb 2024 09:22:59 GMT
server: nginx
etag: "0eec4d6449895fb3"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 11748

GET
H2 200 group-divider-wave-2.svg
orca.security/wp-content/themes/orca-2023/dist/images/ 232 B
471 B 67ms
67ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/images/group-divider-wave-2.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1db6ceb28ebc8d2a17ae00c0be97bcbaad06bb5949d37ef9d5f5562420de0f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
etag: "65c238f6-e8"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 232

GET
H2 200 tick.svg
orca.security/wp-content/themes/orca-2023/dist/svg/ 307 B
547 B 67ms
67ms Image
image/svg+xml 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/themes/orca-2023/dist/svg/tick.svg

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7d5c0fb38611921f53d2572bec0da1dc619d2b98dfebe69614fcd12f03ff5fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/wp-content/themes/orca-2023/dist/css/frontend.css?ver=6df12e57908ee89c36db
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Tue, 06 Feb 2024 13:49:42 GMT
server: nginx
etag: "65c238f6-133"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 307

GET
H2 200 mulish-v12-latin-300.woff2
orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/ 11 KB
11 KB 66ms
66ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/themes/orca-2023/assets/fonts/mulish/mulish-v12-latin-300.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

48a1c5357f10501a6c576d99d9dae33a11d3b9fe26f4b135ba3e5f5a757d95e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 242 443
last-modified: Mon, 13 Nov 2023 13:29:22 GMT
server: nginx
etag: "655224b2-2b38"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11064

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 153ms
64ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8518158d5d841cc1-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 51ms
50ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 02:08:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 17 May 2024 02:08:17 GMT

GET
H2 200 ct Show response
obseu.itstarsbuilding.com/ 4 KB
2 KB 216ms
76ms Script
text/javascript 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/ct?id=46596&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1707271697504&hl=2&op=0&ag=331356233&rand=842820662959119518557092829182192476903729157973290069926102246280051010012128917996&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM2NDJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozMzM0OTcwMzgyLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDQsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMTEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsNSwwLDAsMCwwLDAsMCwwLDMsMCJdLFstMSwiLSJdLFstMiwiNixlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BFc1JFRVRwb1ZkRlZCUVFwUmNSQkZTS0lJZ2lSSXIwS2hKUnFwU0F0Q0FrUUhwSXp5YmJYcG1aci81L2Q5NmJ6Y3VTQVBKL0d0Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuNSwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE3MDcyNzE2OTc0NjcsLTFdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJsLC0xLC0xLDAsMCwyMiwwLDAsODEsMTAxOSwtMSwwLDEyNzkuOSwxMjc5LjksMTUxMiwxNTEyIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDMsZmFsc2UsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMzI5OTkxMzY5XCIsXCJfMVwiLFwiMTkxOTY2ODMyNFwiXSxcImRcIjpbXSxcImJcIjpbXCI0MDczNjk4ODY4XCIsXCIzMDY4OTcxMTg2XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRjWEJrUlVVMU5TVW9ERmhaY1RGWmJGMUJOU2sxWVMwcGJURkJWWFZCWFhoZGFWbFFXU2tGSkZsQVdEZzBLQ3dvQkNWcGNDbDBNQUZ3UFhBc0FBRnRhWFFrQkFBNWNDd2xiQUFBWFUwb0RDQU1QRHdnTURSQVZXRTBaVFJkY1FVbFdTMDFLR1JGUlRVMUpTZ01XRmx4TVZsc1hVRTFLVFZoTFNsdE1VRlZkVUZkZUYxcFdWQlpLUVVrV1VCWU9EUW9MQ2dFSldsd0tYUXdBWEE5Y0N3PT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjIyXSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTYzLCIwIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGxvY2FsZm9udHMscGljdHVyZWlucGljdHVyZSxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxvdHBjcmVkZW50aWFscyxjaHVhZm9ybWZhY3RvcixlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sZ3lyb3Njb3BlLGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCxjaHVhLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstNjcsIjI1MzIzMTI4ODg6MTYiXSxbLTY4LCItIl0sWyJkZGIiLCIwLDYsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwxLDEsNywwLDUsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsNSwwLDAsMCwwLDAsMCwxNSwwIl0sWyJibmNoIiw3M10sWyJhYm5jaCIsNzRdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=bGX2sEfYLF&pto=1550&ver=58&gac=-&mei=&ap=&fe=1&duid=1.1707271697.b7OTfK3lhyR62TKm&suid=1.1707271697.FIRQnNHu3617jhbu&tuid=1.1707271697.Wf6lvBfvzzni13tv&fbc=-&gtm=W10%3D&it=78%2C1008%2C428&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c8276e755aa097a79185d1adf2d549c34514c66e5ec60322b08b34f6838caa05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1389
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
95 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab5a3c019aae66caee74e5057ba78559dd257aa41414f42af3ebd44c912b0fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 02:08:17 GMT

GET
H2 200 attributionSnippet.js Show response
ddzuuyx7zj81k.cloudfront.net/1.0.0/ 6 KB
2 KB 142ms
40ms Script
application/javascript 2600:9000:2057:5200:8:8d2f:9e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5200:8:8d2f:9e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: BzkI61eYFyewX6x0l7i6i82MeoDOtTMn
content-encoding: gzip
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 06:37:20 GMT
last-modified: Mon, 18 Jul 2022 15:25:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 70296
etag: W/"03d2c7ecc77b0dbf04fecc51b018a287"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0iOpe0KiaJ-rSretWqp2g4B-iW0HYFQ0Yyv4G9tEMvzbK4CGX4arEQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 141ms
40ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=67510
accept-ranges: bytes
content-length: 15732

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 135ms
42ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220100-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
2 KB 145ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1707271697605&cv=11&fst=1707271697605&bg=ffffff&guid=ON&async=1&gtm=45He4250v812157982za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&npa=0&pscdl=noapi&auid=2017189719.1707271698&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba4b9e500c3f32406522faa989ea4eb47ebf2b5f35e071451abb16fccb1d68e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1338
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3724.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 250ms
158ms Script
text/javascript 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3724.js?p=https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/&e=

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 08ab79ed-2ff3-4c53-8fd8-8aecd2e29d9f
x-runtime: 0.002864
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 8518158ecf4f9bf5-FRA

GET
H2 200 qualified.js Show response
js.qualified.com/ 635 KB
155 KB 599ms
499ms Script
text/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=gndr1NireXGRNRuC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae9418957c9f7eaf34d217aa4a4cec45137b1d7d41933a85c7acf3baee4bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b353efb6-dd8d-b679-4b63-56b978988f7b
pragma: no-cache
x-runtime: 0.032493
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"dae9418957c9f7eaf34d217aa4a4cec4"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8518158ec8e86939-FRA
expires: Wed, 07 Feb 2024 06:08:18 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 133ms
39ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 07:28:49 GMT
Content-Encoding: gzip
Via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 67169
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: xhmdmVWe0Y-ZTU-HgQtIwZ5gP7XPr-NrK53_6wcBdP4w9k2RtzI1aA==

GET
H2 200 jjtdo160k2 Show response
www.clarity.ms/tag/ 1018 B
1 KB 311ms
221ms Script
application/x-javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jjtdo160k2
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 990ebd25f3a7612440c94770d525ec652f279078e1ff093c93cee24ce2d76e46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: -1
date: Wed, 07 Feb 2024 02:08:17 GMT
x-azure-ref: 20240207T020817Z-pcep9y56dh33fbn5uqsuyt9zuw00000007h00000000065t1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 2aa3d219-295b-4023-ba43-3c4bfa09c5a7.js Show response
j.6sc.co/j/ 4 KB
2 KB 583ms
433ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/2aa3d219-295b-4023-ba43-3c4bfa09c5a7.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1acd2ddce44226de9ce45da431ad15a4d8512202bf04d9922dd876e2c845de7a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: rIcVh1GRdggcHOX5GHUwfI7EvVym_rU8
content-encoding: gzip
date: Wed, 07 Feb 2024 02:08:18 GMT
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1458
pragma: no-cache
last-modified: Mon, 08 Jan 2024 20:57:47 GMT
server: AmazonS3
etag: "de9073de708de22d699ee5d86f3a0eb7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: bdnJ9QOgyDCjzlYkn-_m9LNsJuNZvY6nMKfWDjLKeGHdgSlQXWgrmg==
expires: Wed, 07 Feb 2024 02:08:18 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/ 426 KB
103 KB 48ms
48ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3zwKFeg02sA5dMnkMN3c/A==
age: 5841
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105024
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:34 GMT
server: cloudflare
etag: 0x8DBF54385213BD6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9da7b195-801e-001e-0647-27d55b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158e28f91ca3-FRA

POST
H/1.1 200
OK visitWebPage
796-pbw-559.mktoresp.com/webevents/ 2 B
318 B 989ms
144ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://796-pbw-559.mktoresp.com/webevents/visitWebPage?_mchNc=1707271697615&_mchCn=&_mchId=796-PBW-559&_mchTk=_mch-orca.security-1707271697614-74563&_mchHo=orca.security&_mchPo=&_mchRu=%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 02:08:18 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 2f9a5a2d-ee41-43c3-92df-3b7fa4e69744

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/10406ee8-b1d5-4a31-b330-04b7441eefd3/ 74 KB
14 KB 60ms
59ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a3c4add2-fbd3-4f71-9383-50362de53378/10406ee8-b1d5-4a31-b330-04b7441eefd3/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8f6428d72ad132b9dfa15bfe9c9023323fc4e180e62d5f02b54eff2f2eebce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16735
content-md5: gycSmHhjk0z5LYh+7k8xwA==
content-length: 14639
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:30:43 GMT
server: cloudflare
etag: 0x8DBE4551E5CEAF4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1eb232c4-301e-0069-253e-1600cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158efef85d8d-FRA
expires: Thu, 08 Feb 2024 02:08:17 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 138ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZJX9BKF7WR&gtm=45je4250v892696919z8812157982za200&_p=1707271697175&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=371219492.1707271698&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1707271697&sct=1&seg=0&dl=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&dt=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Blog%20Pages&tfd=1815
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 152ms
50ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZJX9BKF7WR&cid=371219492.1707271698&gtm=45je4250v892696919z8812157982za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZJX9BKF7WR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orca.security
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 141ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZJX9BKF7WR&cid=371219492.1707271698&gtm=45je4250v892696919z8812157982za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=154126868

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
76 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-653025264

Requested by

Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a53ebf99d21e667066a20cad4eeca84b1bac65209cd408e22b38947da1d0fd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77530
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 00:09:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 02:08:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
76 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-653025264&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFH8KTP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d087be61225a7e3cdc3cd46d4af78ce90badc7301d49c64a44abd919ab9e30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77527
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 00:09:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 02:08:17 GMT

GET
H2 200 tc_imp.gif
obseu.itstarsbuilding.com/tracker/ 43 B
79 B 61ms
61ms Image
image/gif 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obseu.itstarsbuilding.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126ae9c532eb41839a9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a1788642117071a10acf9f29f6748d1858805796c1cfc717f5581388961c603650677c756030966035acfba6a4c77be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63fbb2807ff7ecaa8556d8e0e3143714493d60265f460b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7958677a0dbdf5cec489d5b3772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7da1c44766bcddfd70de02ff45e6d249ca1b9e9a7e916b32c39d76893493d0b9f09df3f1477fe425b7bbfd2a5728ae9621cca648a11d0245971e509acf8ed8c0ffc921cf2bc78ebe9e63a36c7c25896f3b9593800327dee576e602ff845d9138a57b0d4058dd3dba07ca88ba68b68b3fd71fe784d2d071855e5522ef4e1f47754779c2ab2cb354d5cf8927b39568f1dd6c94c2eff93dd7e3a91f76798bf853489bef580b59baace374ae28ee9f4ef3f27ca076a12d87168506ddac20d55872b2fbd0246a7d720938194005f9b99e66c051ef100f4769b8e75dc38a465db8e188ebf8359db3f6f694a6bded59186d881bdfe3072afa177711c57e4f6d7ea029dc2a4097b5851ade72dd3796b930dffa518b71643c29027c1280c3f8c63a7a538605469dd0c5b8b2cc4f069db9a16095c77267c5d1153575e490da543daa21855e8307e53f9f0ec6cb15f8a62fe49b8ace854662efe03b7f9f77a68db0a80a816d34160592745e51b1a35f88f009cb999bc85cd19a86330e3447a220aa05aa56b39d74973243224326607ee15a8a872f48b86fc0a3f229c4ce4d8c7173c20d6e78dab1851850fc70eb8f17da0033074bba322b9cfdd017af014599d94be8bddbfde439874f493056b72e714096820d42bb3be7f9c32a8ed5e509430adb0841567ab75253e098e94249c22763cf85c3049080a8c54b23a431bc076d54cb4f2576d2ce63178d8aa5a4b4f459ab64ff6fd661879d1ed6afb87d25e5ed2dde8cfcf69de1dccc2850d8b76104e760c15bd907beba49fd98948a2fa08cd7e4e9122ed6f3ecfd40c8489a124b330062cb8c2b768130a84fdf8935a40b3aa2301cdc3aedcb2328b9752f5216cde6d22c99c901612a126ec2d5deb99b34844af8ff702c9cdc5354575d7b607c9a63c1a72404a5fe8e92f6acf0fde08c7daf&cri=bGX2sEfYLF&ts=293&cb=1707271697797
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 googleAnalytics4.js Show response
fast.wistia.com/assets/external/ 17 KB
5 KB 59ms
59ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/googleAnalytics4.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0df18c32cb7381c8fea60180bb84ad147116e9eedb189c1fc3c44026d20b31af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 987
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 4441
x-served-by: cache-iad-kjyo7100097-IAD, cache-sof1510030-SOF
x-browser-version: 121
last-modified: Tue, 06 Feb 2024 20:48:11 GMT
server: AmazonS3
x-timer: S1707271698.825410,VS0,VE1
etag: "820f52d7cfd09970bd79f965972c45e9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5e0b4d0e73854d17e0336093d1241067c538a663
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 57, 1

OPTIONS
H2 204 setcookie2
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/ Frame 0
0 619ms
479ms Preflight 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/setcookie2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://orca.security
access-control-max-age: 43200
date: Wed, 07 Feb 2024 02:08:18 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
x-amz-apigw-id: Svji6F37vHcENzQ=
x-amz-cf-id: cRY5Sf24thfwLngxzLkCyUBMurZfNSzBX0mO15fYyiPN5HwFhVIjeA==
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: f49499cb-ca24-4cb0-ac99-1bac4391b096
x-amzn-trace-id: Root=1-65c2e612-573ac8d17c63a6fb53a901cd;Sampled=0;lineage=ccf2bc8d:0
x-cache: Miss from cloudfront

GET
BLOB 200
OK c12e78e8-11cc-48af-b6ba-48b054998a92
https://orca.security/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://orca.security/c12e78e8-11cc-48af-b6ba-48b054998a92
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4976769ff1a9895478cd633c29b2204d933cc906d96f731e6286934c24f4df70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 261
Content-Type

POST
H2 200 setcookie2 Show response
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/ 15 B
692 B 569ms
489ms Fetch
application/json 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/setcookie2
Requested by: Host: ddzuuyx7zj81k.cloudfront.net
URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
via: 1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
x-amzn-trace-id: Root=1-65c2e612-66fd3562530dea460bec537a;Sampled=0;lineage=ccf2bc8d:0
x-amzn-requestid: cb147693-7baf-4559-b1a9-78366aa6f314
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
x-amz-apigw-id: Svji_E3-vHcEU6Q=
content-length: 15
x-amz-cf-id: 0bf3YlIQjyvVMkhRyXQoq8tkqEHd37ILc6u6raWt7rHFfP6oKo635A==

GET adsct
t.co/i/ 0
0

GET adsct
analytics.twitter.com/i/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
455 B 137ms
51ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1707271697605&cv=11&fst=1707271200000&bg=ffffff&guid=ON&async=1&gtm=45He4250v812157982za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_wOKa33S2YdtxLXMW7ZNgezo0Jc3pRQ&random=1000105019&rmt_tld=0&ipr=y

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
154 B 53ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1707271697605&cv=11&fst=1707271200000&bg=ffffff&guid=ON&async=1&gtm=45He4250v812157982za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_wOKa33S2YdtxLXMW7ZNgezo0Jc3pRQ&random=1000105019&rmt_tld=1&ipr=y

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707271697811&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707271697811&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&e_ipv6=A...

0
266 B

278ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707271697811&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&e_ipv6=AQLCE3aNsU9UEwAAAY2BUrZaDBIGzVI0927clo-fY2qccCKF3Dcd9qW7BXjYHeSH7FB6eOY1
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DFFE9C16512344B99B253F78053956C2 Ref B: DUS30EDGE0311 Ref C: 2024-02-07T02:08:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQwSsce4mIXVBxUGluVA==

Redirect headers

date: Wed, 07 Feb 2024 02:08:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E69EC82B8FC249BF901D2AC6255A2A72 Ref B: DUS30EDGE0718 Ref C: 2024-02-07T02:08:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1286465&time=1707271697811&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&e_ipv6=AQLCE3aNsU9UEwAAAY2BUrZaDBIGzVI0927clo-fY2qccCKF3Dcd9qW7BXjYHeSH7FB6eOY1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQwSsYNrgEVyHqJS89Bg==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
831 B 326ms
225ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CB263A197AC04F81B1DBF0D110B77EFA Ref B: DUS30EDGE0718 Ref C: 2024-02-07T02:08:17Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
access-control-allow-origin: https://orca.security
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQwSsYbdwFuB9fHEtcdA==

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 10 KB
3 KB 49ms
49ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2Y4BaIugw6ewXFLkp9h9fg==
age: 16734
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2627
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:28 GMT
server: cloudflare
etag: 0x8DBF54381A0CE39
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1e42c8d3-601e-004b-485c-27c5d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158f8f4a5d8d-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/ 63 KB
13 KB 50ms
50ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9LM0+2zXH90ABPPSdPNeWw==
age: 16734
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13595
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:29 GMT
server: cloudflare
etag: 0x8DBF543822D49AF
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 79293141-901e-0094-7a5a-278eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158f9f4b5d8d-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 5 KB
2 KB 53ms
53ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HZ4CF8sFCthNRNvjE80iGw==
age: 61967
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:29 GMT
server: cloudflare
etag: 0x8DBF54381B7D553
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ecd479ab-701e-0078-6998-279a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8518158f9f4c5d8d-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 21 KB
4 KB 52ms
51ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 16734
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e78f1be5-d01e-0085-3797-27145e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8518158f9f4e5d8d-FRA

GET
BLOB 200
OK 38e6a3cd-02e4-4ca6-9e85-7fdb57b51fab
https://orca.security/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://orca.security/38e6a3cd-02e4-4ca6-9e85-7fdb57b51fab
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f6de68c5b89d8e658deab59d371c31b4bf9b12c7371dcaa660fa49b0b1299ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 44ms
38ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=226218700&post=61217&tz=-8&srv=orca.security&hp=vip&j=1%3A13.0&host=orca.security&ref=&fcp=1280&rand=0.00823031724746115
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 02:08:17 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 getForm Show response
try.orca.security/index.php/form/ 3 KB
1 KB 700ms
699ms Script
application/javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://try.orca.security/index.php/form/getForm?munchkinId=796-PBW-559&form=1486&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&callback=jQuery371004722705662959559_1707271697820&_=1707271697821
Requested by: Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9335023f487ddb577eab2bf78694d24b4937ec0bc14242ade70d4861248c758e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 171c7#18d8152b686
x-marketo-source: Form Service
cf-ray: 85181590098058d8-TXL
cached: false

GET
H2 200 getForm Show response
try.orca.security/index.php/form/ 3 KB
1 KB 88ms
87ms Script
application/javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://try.orca.security/index.php/form/getForm?munchkinId=796-PBW-559&form=1047&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&callback=jQuery371004722705662959559_1707271697822&_=1707271697823
Requested by: Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b2b4822b0b8c3f9132352886ea979317c4dc69ffb3be36e3bc198ea515bfd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 85181590098158d8-TXL
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

POST
H/1.1 200
OK queries Show response
abzbmmyyoz-dsn.algolia.net/1/indexes/*/ 38 KB
14 KB 186ms
186ms XHR
application/json 209.58.137.100
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL

https://abzbmmyyoz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.22.0)%3B%20Browser%3B%20instantsearch.js%20(4.63.0)%3B%20JS%20Helper%20(3.16.1)

Requested by

Host: orca.security
URL: https://orca.security/wp-content/themes/orca-2023/dist/js/top-nav-search-algolia.js?ver=cdaff79ecccd0bdb94e6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.58.137.100 Hayward, United States, ASN7203 (LEASEWEB-USA-SFO, US),

Reverse DNS

Software

nginx /

Resource Hash

56fcf3a805bb2c46e887358cd4f6a7842c18a35e45a0ae2277afd0a47627ba5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-algolia-application-id: ABZBMMYYOZ
Referer
x-algolia-api-key: f34560540828ce88849184b90fcd7967
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 07 Feb 2024 02:08:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 1
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 Code-Pro-JetBrains-Mono.woff2
orca.security/wp-content/plugins/code-block-pro//build/fonts/ 68 KB
68 KB 42ms
41ms Font
application/font-woff2 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://orca.security/wp-content/plugins/code-block-pro//build/fonts/Code-Pro-JetBrains-Mono.woff2

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bceff0710e3a7fe5b3622265c48b6fbc055cf071df80ef5f36ffc69550296664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 123 243 443
last-modified: Mon, 17 Apr 2023 11:33:52 GMT
server: nginx
etag: "643d2ea0-10f40"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69440

OPTIONS
H/1.1 200
OK queries
abzbmmyyoz-dsn.algolia.net/1/indexes/*/ Frame 0
0 580ms
182ms Preflight
text/plain 209.58.137.100
LEASEWEB-USA-SFO

General

Check archive.org

Show headers Download Go to

Full URL

https://abzbmmyyoz-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.22.0)%3B%20Browser%3B%20instantsearch.js%20(4.63.0)%3B%20JS%20Helper%20(3.16.1)

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.58.137.100 Hayward, United States, ASN7203 (LEASEWEB-USA-SFO, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-algolia-api-key,x-algolia-application-id
Access-Control-Request-Method: POST
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-user-id, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept, Pragma
Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=86400
Connection: keep-alive
Content-Disposition: inline; filename=a.txt
Content-Length: 0
Content-Type: text/plain
Date: Wed, 07 Feb 2024 02:08:18 GMT
Expires: Thu, 08 Feb 2024 02:08:18 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 53ms
53ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orca.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 79737
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 03:34:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cd2f223d-101e-009a-45ef-57a75a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 851815906a1b1ca3-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 49ms
49ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 61967
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 08:11:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d20cfaae-a01e-008f-1f46-58b0e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 851815906fcd5d8d-FRA

GET
H2 200 orca-security-logo-color.png
cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/f7124552-7f1a-4036-ac4c-3aa5a38b34f6/ 4 KB
4 KB 51ms
51ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/f7124552-7f1a-4036-ac4c-3aa5a38b34f6/orca-security-logo-color.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5b2d55502f6214cbf45878d363cbf9304ee7cc6def3f561de93c7b6f71b0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4Ni50z3v+cUUi4EhnHO0mQ==
age: 59118
content-length: 3663
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:28:50 GMT
server: cloudflare
etag: 0x8DBE454DB125952
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: dee98bb6-101e-001c-7447-236be3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 851815908a2f1ca3-FRA

GET
H2 200 orca-security-logo-color.png
cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/2771c3fc-ed10-440d-811e-c8c8689bfda4/ 4 KB
4 KB 54ms
53ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dcf8fc76-8b70-468b-b48a-fba6d56d1473/a3c4add2-fbd3-4f71-9383-50362de53378/2771c3fc-ed10-440d-811e-c8c8689bfda4/orca-security-logo-color.png

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5b2d55502f6214cbf45878d363cbf9304ee7cc6def3f561de93c7b6f71b0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4Ni50z3v+cUUi4EhnHO0mQ==
age: 59118
content-length: 3663
x-ms-lease-status: unlocked
last-modified: Mon, 13 Nov 2023 14:28:50 GMT
server: cloudflare
etag: 0x8DBE454DAD86687
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f8444c4e-b01e-0067-373d-16297f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 851815908a301ca3-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 50ms
50ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 07 Feb 2024 02:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 70338
x-ms-lease-status: unlocked
last-modified: Mon, 05 Feb 2024 17:46:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9d8be78b-b01e-0048-4db0-5824b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 851815908a311ca3-FRA

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 swatch
fast.wistia.com/embed/medias/ghms147sad/ 2 KB
3 KB 60ms
59ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/ghms147sad/swatch

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a27830e6bf605d0f7701f45b9e8cb7232b33b9eae671c595497129675c15b496

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
access-control-request-method: *
via: 1.1 9a7233ae68a3338294c89b1bf53bc426.cloudfront.net (CloudFront), 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD61-P2, IAD89-C3
age: 40335
edge-cache-tag: 47d08a26e99ba844823f5bf420db70ad532f5db5
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 210
content-disposition: inline
content-length: 2271
x-served-by: cache-iad-kcgs7200128-IAD, cache-sof1510030-SOF
x-browser-version: 121
last-modified: Thu, 07 Dec 2023 04:40:52 UTC
server: envoy
x-timer: S1707271698.059880,VS0,VE0
etag: 14qaLcRLrKogPzl6KYZvfFWP_3s=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Icd7gIAz2Gfm2r88wdbHohqJaE-Tt_H1ymbkAcyqlGDLsN7ElIn-vA==
x-cache-hits: 11, 1

GET
H2 200 47d08a26e99ba844823f5bf420db70ad532f5db5.webp
embed-ssl.wistia.com/deliveries/ 90 KB
91 KB 128ms
48ms Image
image/webp 2600:9000:211e:3e00:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/47d08a26e99ba844823f5bf420db70ad532f5db5.webp?image_crop_resized=1920x836
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3e00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 2db8c65bb0cb90c838febf4889282fd8955b140d5e1424463c597ce25d8e517c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:29:01 GMT
access-control-request-method: *
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 38357
edge-cache-tag: 47d08a26e99ba844823f5bf420db70ad532f5db5
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 312
content-disposition: inline
surrogate-key: 47d08a26e99ba844823f5bf420db70ad532f5db5 thumbnail-delivery
last-modified: Thu, 07 Dec 2023 04:40:52 UTC
server: envoy
etag: 3qCDLXoibOw_Zmb3Kry6gSeJlmU=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: kA3D0V0kXt-YJvpdVcak-YGcCqOkk2CqMd33rpV-T8junM4UDFU4Kg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/ 3 KB
2 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1707271698043&cv=11&fst=1707271698043&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-653025264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a674688eae17fd5edb4f39fd2b30ed7649544a4913ad6ec471188bab01f50e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/653025264/ 3 KB
2 KB 149ms
57ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/653025264/?random=1707271698049&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-653025264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0b57da8a8837aeafe495ee4334cc66e4272ce8b9ef426b041734eda6c443922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 78ms
78ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jjtdo160k2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240207T020818Z-pcep9y56dh33fbn5uqsuyt9zuw00000007h00000000065t6
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 53bd29fa-901e-0009-7069-576b08000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 forms2.css
try.orca.security/js/forms2/css/ 13 KB
3 KB 173ms
172ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/css/forms2.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "282892-3437-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851815912a7358d8-TXL
content-length: 2623
expires: Wed, 07 Feb 2024 06:08:18 GMT

GET
H2 200 forms2-theme-plain.css
try.orca.security/js/forms2/css/ 828 B
412 B 165ms
164ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/css/forms2-theme-plain.css

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "282894-33c-60e27d4627680"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851815912a7458d8-TXL
content-length: 246
expires: Wed, 07 Feb 2024 06:08:18 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/653025264/ 42 B
108 B 53ms
53ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/653025264/?random=1707271698043&cv=11&fst=1707271200000&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_tpyOq1HIZ57dvaW9Is0et-sHHcoalIrU1z5vjSxnDauqS8Gy&random=1906603923&rmt_tld=0&ipr=y

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/653025264/ 42 B
108 B 52ms
52ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/653025264/?random=1707271698043&cv=11&fst=1707271200000&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_tpyOq1HIZ57dvaW9Is0et-sHHcoalIrU1z5vjSxnDauqS8Gy&random=1906603923&rmt_tld=1&ipr=y

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/653025264/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=s...
https://www.google.com/pagead/1p-conversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&...
https://www.google.de/pagead/1p-conversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u...

42 B
64 B

53ms
52ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThDVlhUWUVPNjBOMENnaUtwQVhjeFY3N3IybDhoSGxJU3VFRmhjZTg2a1dsc3caWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9lRTF5Z1FveVNQZzdFclFCU0YtcVhVZHpHSEtaR0xqX0twMXFyN1UtVk90RGU3cHQ2MnVVdlBRdyITCNvn6tiSmIQDFTL0EQgd2jEDKQ&is_vtc=1&ocp_id=EubCZduWCrLox_AP2uOMyAI&cid=CAQSKQAvHhf_x98Wk1o5wM9wrKknCUIiztL3LqF8g041q_63DCscfpIDvRB3&random=1859012405&ipr=y

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/653025264/?random=1862868150&cv=11&fst=1707271698049&bg=ffffff&guid=ON&async=1&gtm=45be4250v9102553540za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&label=lhAwCM2ZnfUYEPC_sbcC&hn=www.googleadservices.com&frm=0&tiba=Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security&gtm_ee=1&npa=0&pscdl=noapi&auid=2017189719.1707271698&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CIK9sQI&pscrd=Ek5DaEFJZ002SHJnWVFtNktaNS1pcHdOeFhFaVlBUjFkdThDVlhUWUVPNjBOMENnaUtwQVhjeFY3N3IybDhoSGxJU3VFRmhjZTg2a1dsc3caWkNoRUlnTTZIcmdZUTFJcnkxZW1MMi15V0FSSXVBQ1h6dk9lRTF5Z1FveVNQZzdFclFCU0YtcVhVZHpHSEtaR0xqX0twMXFyN1UtVk90RGU3cHQ2MnVVdlBRdyITCNvn6tiSmIQDFTL0EQgd2jEDKQ&is_vtc=1&ocp_id=EubCZduWCrLox_AP2uOMyAI&cid=CAQSKQAvHhf_x98Wk1o5wM9wrKknCUIiztL3LqF8g041q_63DCscfpIDvRB3&random=1859012405&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
293 B 653ms
261ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Wed, 07 Feb 2024 02:08:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
873 B 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaCallback

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da678f65d7cf9d50409be667aaeba20218dfb261478a13b6602d117b09e08a5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 02:08:18 GMT

GET
H2 200 XDFrame Show response
try.orca.security/index.php/form/ Frame 468C 2 KB
736 B 149ms
149ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/index.php/form/XDFrame

Requested by

Host: try.orca.security
URL: https://try.orca.security/js/forms2/js/forms2.min.js?ver=0.1.0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b2428ffe32319631a13395b0b3361b35809973273d90a0cfa4f50491559fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 851815928b5558d8-TXL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 02:08:18 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ 491 KB
196 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 01:08:35 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
17 KB 40ms
39ms Script
application/javascript 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/2aa3d219-295b-4023-ba43-3c4bfa09c5a7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

7f43c039df87253c09c05c7820cb76bcc6ef4da2c410bde4f10448fd115a2bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:26:50 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65836a2a-ff10"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17587
expires: Wed, 07 Feb 2024 02:08:18 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
697 B 125ms
40ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
an-x-request-uuid: 63693995-c3b5-44bd-aed2-0ee4a5c4c50b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orca.security
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 49ms
40ms XHR
text/html 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
308 B 181ms
40ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://orca.security
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1707271698524_34901612_129999595_41_1037_38_79_219";dur=1
content-length: 20
expires: Wed, 07 Feb 2024 02:08:18 GMT

GET
H2 200 forms2.min.js Show response
try.orca.security/js/forms2/js/ Frame 468C 199 KB
66 KB 159ms
159ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://try.orca.security/js/forms2/js/forms2.min.js

Requested by

Host: try.orca.security
URL: https://try.orca.security/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://try.orca.security/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 05 Jan 2024 00:21:30 GMT
server: cloudflare
etag: "28289a-31ad2-60e27d4627680"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 851815938c0658d8-TXL
expires: Wed, 07 Feb 2024 06:08:18 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 228ms
220ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 263ms
255ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2212faf3ac449b44ed37787fef7b8b3d09%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22071f14bfa9ca7a7453a4b3ef228849e6d72181c5%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%222aa3d219-295b-4023-ba43-3c4bfa09c5a7%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon-cloudfront.6sense.com/v3/company/ 747 B
870 B 128ms
49ms XHR
application/json 18.245.60.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon-cloudfront.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-108.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4deb556de96868b8dca5e9b12aed579e6d5df6c8a91c79c2ed28997a8e5bd7a5

Request headers

Referer
accept-language: de-DE,de;q=0.9
Authorization: Token 071f14bfa9ca7a7453a4b3ef228849e6d72181c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
X-6s-CustomID: WebTag 2aa3d219-295b-4023-ba43-3c4bfa09c5a7

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
content-encoding: gzip
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-6si-region: eu-central-1a
content-length: 397
x-trace-id: 659448722841544066
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://orca.security
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-amz-cf-id: Iwa3y98EefpjTAAbxXCm_iKwyq1mVVRdjjH42DS3i_aMLMEvd4rBvQ==

OPTIONS
H2 200 details
epsilon-cloudfront.6sense.com/v3/company/ Frame 0
0 141ms
44ms Preflight 18.245.60.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon-cloudfront.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-108.fra60.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://orca.security
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Wed, 07 Feb 2024 02:08:18 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
x-6si-region: eu-central-1a
x-amz-cf-id: VvF8yqkRwicQzjIEVQUGRPmL1gneswBipynQp_Ijxoo9h_qGrtbwDw==
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
x-trace-id: 220635301859578123

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0106 44 KB
28 KB 64ms
64ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=pbu7jsb03tfr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b20e1e57de4041d2c702161b87cb0307cbcb35b386b72bc4353c341cd8de55e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OoTp3yIACROd1OePuMJqDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OoTp3yIACROd1OePuMJqDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 02:08:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DD47 44 KB
28 KB 79ms
79ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=8wgj82pqw3t3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

769b701a65ea950ceb6b1a36f4707f3d0afdc34f63af89746dd31be50b8114c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VkHBl2ER5tcglj_F42Oy9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VkHBl2ER5tcglj_F42Oy9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 02:08:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 220ms
220ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 Blog_New-FinServ-Grapphic-ABM_Feature.jpg
orca.security/wp-content/uploads/2023/07/ 17 KB
17 KB 39ms
39ms Image
image/webp 192.0.66.102
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orca.security/wp-content/uploads/2023/07/Blog_New-FinServ-Grapphic-ABM_Feature.jpg?w=750

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.102 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe4b5ade9f33e7f8e2d72d4773c6053910543f2a3414832ef767828100add5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:18 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 142 443
last-modified: Tue, 06 Feb 2024 08:40:49 GMT
server: nginx
etag: "9c04dea2bce1ae41"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 16946

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 0106 55 KB
24 KB 122ms
42ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=pbu7jsb03tfr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 21:26:41 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame 0106 491 KB
196 KB 160ms
80ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 01:08:35 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame DD47 55 KB
24 KB 106ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 21:26:41 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/ Frame DD47 491 KB
196 KB 167ms
101ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200286
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 03:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 01:08:35 GMT

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
145 B 60ms
60ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Wed, 07 Feb 2024 02:08:18 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
16 B 60ms
60ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Wed, 07 Feb 2024 02:08:18 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 220ms
220ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=https%3A%2F%2Fepsilon-cloudfront.6sense.com&q=%7B%22name%22%3A%22https%3A%2F%2Fepsilon-cloudfront.6sense.com%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A2648.2000007629395%2C%22duration%22%3A270.29999923706055%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22deliveryType%22%3A%22%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A2648.2000007629395%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22firstInterimResponseStart%22%3A0%2C%22responseEnd%22%3A2918.5%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%2C%22metadata%22%3A%7B%22region%22%3A%22eu-central-1a%22%7D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=&d=1&v=1.1.14

Requested by

Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 infinigrow.js Show response
dss6ntp5q2r0o.cloudfront.net/2.9.0/ 74 KB
25 KB 147ms
46ms Script
application/javascript 2600:9000:266e:ba00:10:7994:d200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js
Requested by: Host: ddzuuyx7zj81k.cloudfront.net
URL: https://ddzuuyx7zj81k.cloudfront.net/1.0.0/attributionSnippet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:ba00:10:7994:d200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 05:44:53 GMT
content-encoding: gzip
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
last-modified: Sun, 24 Jun 2018 15:14:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 73444
etag: W/"2f70fa2239343e20deb5c199873fbed1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: E3y1T3vCsDZDKaylUTlRgoX835Npd4IGc3K0LyA12hEAAawwv7LN8g==

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame DD47 17 KB
7 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=8wgj82pqw3t3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 18:31:22 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DD47 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 108685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 12 Feb 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD47 15 KB
16 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 160589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD47 15 KB
15 KB 140ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 61145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:09:14 GMT

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame 0106 17 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=pbu7jsb03tfr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:31:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 18:31:22 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0106 2 KB
2 KB 43ms
43ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MHBiAvbtvk5Wb2eTZHoP1dUd/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 108685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 12 Feb 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0106 15 KB
15 KB 175ms
98ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 160589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0106 15 KB
15 KB 162ms
84ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 61145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DD47 102 B
135 B 52ms
52ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=8wgj82pqw3t3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 02:08:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0106 102 B
135 B 51ms
51ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeINjUoAAAAADqSvQdrUey-8BtEh34CPuyHeIXp&co=aHR0cHM6Ly9vcmNhLnNlY3VyaXR5OjQ0Mw..&hl=de&v=MHBiAvbtvk5Wb2eTZHoP1dUd&size=invisible&cb=pbu7jsb03tfr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 02:08:19 GMT

OPTIONS
H2 204 tp2
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/ Frame 0
0 484ms
484ms Preflight 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin: https://orca.security
access-control-max-age: 43200
date: Wed, 07 Feb 2024 02:08:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
x-amz-apigw-id: SvjjGE7MvHcEmSQ=
x-amz-cf-id: HnSj_hKi4v3hJvqRuYU3205g5JHaaGpydY-EhvS3og2H2nRrOW4bbg==
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: 15f68fb5-5a46-40c4-8795-74a2253bd4e3
x-amzn-trace-id: Root=1-65c2e613-614df1b94f05c64849e2026c;Sampled=0;lineage=ccf2bc8d:0
x-cache: Miss from cloudfront

POST
H2 200 tp2 Show response
5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/ 2 B
695 B 492ms
492ms XHR
text/plain 18.245.46.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: dss6ntp5q2r0o.cloudfront.net
URL: https://dss6ntp5q2r0o.cloudfront.net/2.9.0/infinigrow.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-27.fra56.r.cloudfront.net
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 02:08:20 GMT
via: 1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2
x-amzn-remapped-server: akka-http/10.0.9
x-amz-cf-pop: FRA56-P9
x-amzn-requestid: eaa0f240-102e-45ee-ac1d-bb5eee3e91c5
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
x-amz-apigw-id: SvjjLFEEPHcELiA=
content-length: 2
x-amzn-trace-id: Root=1-65c2e614-6ba4e2c01c6b13ba2eb6f011;Sampled=0;lineage=ccf2bc8d:0
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
x-amzn-remapped-date: Wed, 07 Feb 2024 02:08:20 GMT
x-amz-cf-id: CTHGGLttBk0PIEh9WkRGN0m2qSLBAOAOvu3tNfb66Gw_U80TQjSD-Q==

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 80 KB
21 KB 181ms
58ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb80aeddef3b87d051bb4a14089f3f2ccf9bd67aae9580dc9615fa3bc24a9c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1143
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21175
x-served-by: cache-iad-kcgs7200063-IAD, cache-sof1510038-SOF
x-browser-version: 121
last-modified: Tue, 06 Feb 2024 20:48:11 GMT
server: AmazonS3
x-timer: S1707271699.433394,VS0,VE0
etag: "7473762f5553d08c3f504f8f36e2a8e8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5e0b4d0e73854d17e0336093d1241067c538a663
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 81, 16

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 8 KB
3 KB 424ms
343ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: orca.security
URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
x-amz-version-id: lFoq_FZJwJ3rDVe9.7kNMZjc5YKK6r5L
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 11 Dec 2023 12:17:02 GMT
server: cloudflare
via: 1.1 8ae1228303a81d51353490d58d5c6a52.cloudfront.net (CloudFront)
x-amz-cf-pop: BAH53-C1
etag: W/"15c02cdee0df6c26ba3d8c62d912c66c"
age: 79952
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cf-ray: 851815991a454534-TXL
x-amz-cf-id: CIvIP_mrL0JLJLdAYu8Ak0i1ur9cZNhFVsHJcqH1myej1K2QVdWprQ==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=03FC7A029605458D9514BD02300FFDE3&RedC=c.clarity.ms&MXFR=35DDE9119E596AE12C0CFD0F9A59649D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03FC7A029605458D9514BD02300FFDE3&MUID=39A38F6FFA816F17021E9B71FB2D6EA4

42 B
442 B

62ms
62ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03FC7A029605458D9514BD02300FFDE3&MUID=39A38F6FFA816F17021E9B71FB2D6EA4
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 02:08:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3829747FEE0344D78AD8CDD9772C6183 Ref B: FRA31EDGE0712 Ref C: 2024-02-07T02:08:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03FC7A029605458D9514BD02300FFDE3&MUID=39A38F6FFA816F17021E9B71FB2D6EA4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 474 KB
115 KB 193ms
72ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

40a12453cc8c810dcce7dbc7ac7d7803bbe40bffc360ca77b73cc2feac56953d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1143
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 118028
x-served-by: cache-iad-kiad7000035-IAD, cache-sof1510038-SOF
x-browser-version: 121
last-modified: Tue, 06 Feb 2024 20:48:11 GMT
server: AmazonS3
x-timer: S1707271699.433549,VS0,VE0
etag: "a236aaee728146619f4496cac67ae309"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5e0b4d0e73854d17e0336093d1241067c538a663
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 83, 671

POST
H2 204 x
distillery.wistia.com/ 0
0 226ms
134ms Fetch 18.245.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-127.fra60.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
via: 1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: IBloA2D5QYre295pPhf4PT5FEy71-2ZCdYmX66FkxgPK1ek2S3jptQ==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 902B 0
60 B 172ms
56ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=5hq4tlq&ref=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&upid=wavfaxa&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Wed, 07 Feb 2024 02:08:19 GMT
server: Kestrel

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
293 B 124ms
124ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Wed, 07 Feb 2024 02:08:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 221ms
220ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A18%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ghms147sad.m3u8 Show response
fast.wistia.com/embed/medias/ 1 KB
2 KB 167ms
167ms XHR
application/x-mpegurl 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ghms147sad.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

170d49d2f211ea86c7901313cffff4e64cf0fec56d75c964ca99457871295440

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
x-player-privacy-mode: 1
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 16356
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 35
content-length: 1117
x-request-id: 9fdf652c-282b-4e3a-86f2-f5ce51d0626c
x-served-by: cache-iad-kcgs7200145-IAD, cache-sof1510038-SOF
x-runtime: 0.034530
x-browser-version: 121
server: envoy
x-timer: S1707271700.648184,VS0,VE110
etag: W/"170d49d2f211ea86c7901313cffff4e6"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 19J9Vfxuzn0lazGJGDhJrkAbJ5lR2wH0FH2W8a2dWQp-na5YXzMZsQ==
x-cache-hits: 18, 0

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 58ms
58ms Image
image/gif 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:19 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 559
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-sof1510038-SOF
x-browser-version: 121
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1707271700.653044,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 9

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 142 B
354 B 354ms
354ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6d163e23b1735df3a5efbc7ed141a75230116c5d950fa5f49b6abaafd161f350

Request headers

visited_url: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Referer
accept-language: de-DE,de;q=0.9
Authorization: Bearer 9e1255e6651669142601
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 02:08:20 GMT
via: 1.1 672ac898729c66067858f840de1ea7fa.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: BAH53-C1
x-powered-by: Express
etag: W/"8e-HSotH4xxeKWTiO82a9DyBx52rmA"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8518159ddcaa58ea-TXL
x-amz-cf-id: vH8psCOurr5mcML7mvLAQ2uI71Nga5qke2t7Y83nmuOy8l1isHl6EQ==
apigw-requestid: SvjjOilCvHcEPZQ=

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 416ms
355ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: SvjjKjS-vHcEP0g=
cf-cache-status: DYNAMIC
cf-ray: 8518159baabc58ea-TXL
date: Wed, 07 Feb 2024 02:08:20 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 672ac898729c66067858f840de1ea7fa.cloudfront.net (CloudFront)
x-amz-cf-id: 9hX3v_dhQTDr0Gs2aAcDWx0Yw5s4Pyk6lcwPEUWBVm_sYMCGJkUvtQ==
x-amz-cf-pop: BAH53-C1
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 4fe2249893dcdf76a702b6a9b979a1a321241192.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 4 KB
4 KB 120ms
40ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:d600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/4fe2249893dcdf76a702b6a9b979a1a321241192.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: d12246ba8ded5dd8ef38c14166862c692ac1e5b8eef5c388ce468ab47fb24782

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:37:26 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 37853
edge-cache-tag: 4fe2249893dcdf76a702b6a9b979a1a321241192-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
content-length: 3776
surrogate-key: 4fe2249893dcdf76a702b6a9b979a1a321241192-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5LD2uqdT7EIAgZiJbbIc4tJ2Xh-Jqv0Ii31v8RKCbjy2ZPoyOHx6Lg==
expires: Wed, 05 Feb 2025 15:37:26 GMT

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
39 B 61ms
61ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Wed, 07 Feb 2024 02:08:19 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/4fe2249893dcdf76a702b6a9b979a1a321241192.m3u8/ 379 KB
380 KB 47ms
47ms XHR
video/mp2t 2600:9000:211e:d600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/4fe2249893dcdf76a702b6a9b979a1a321241192.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 923b5e4414ace31808803973c466cbaa8b0fcbcb6c020d2a973bd2b197aac96a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:34:31 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 38027
edge-cache-tag: 4fe2249893dcdf76a702b6a9b979a1a321241192-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 84
content-length: 388408
surrogate-key: 4fe2249893dcdf76a702b6a9b979a1a321241192-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -kOqyAXy5owu1HfMFjxM1xmfyA8ZXwkvCqsIe7xKI9aG-i2wgRNRoQ==
expires: Wed, 05 Feb 2025 15:34:31 GMT

GET
H2 200 051f97c1d367d43e9816305d9b25acfb8624d0a5.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 4 KB
4 KB 41ms
41ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:d600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/051f97c1d367d43e9816305d9b25acfb8624d0a5.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 72aa53192936d0d86f393286cdc633956b9019d3e05259f8ee61158cb40795ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 15:46:16 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 37324
edge-cache-tag: 051f97c1d367d43e9816305d9b25acfb8624d0a5-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 161
content-length: 3776
surrogate-key: 051f97c1d367d43e9816305d9b25acfb8624d0a5-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 01FDamHo4BrN2bRtK-uNNgHECtq4BF50Sc6u-DcPZ18DTfcMZN_RbA==
expires: Wed, 05 Feb 2025 15:46:16 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 23 KB
6 KB 58ms
57ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

10cd2bd88d9c59e9f40ab1a9d10b32b791910bcf6a4c482a3a2a8ec3b4dd1651

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://orca.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1145
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5772
x-served-by: cache-iad-kcgs7200045-IAD, cache-sof1510038-SOF
x-browser-version: 121
last-modified: Tue, 06 Feb 2024 20:48:11 GMT
server: AmazonS3
x-timer: S1707271700.312394,VS0,VE0
etag: "9d91ebdfa2c74d235c3a3f9f4bc353f7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5e0b4d0e73854d17e0336093d1241067c538a663
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 82, 11

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 238ms
238ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/ 3 KB
2 KB 318ms
274ms Fetch
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9a8e6c5de89137f012b66192de46e51c7bf2d77eab569b535aa476a858b24f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
Referer: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/
_vtok: ODAuMjU1LjcuMTA4
_zitok: dfb9400dfe28a0080d741707271700
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/javascript

Response headers

date: Wed, 07 Feb 2024 02:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://orca.security
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 851815a2584e9010-FRA

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/ Frame 0
0 304ms
204ms Preflight
text/html 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/KoeEOMZRk0HPEBurl41R/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://orca.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://orca.security
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 851815a0caccbbfd-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 02:08:20 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
39 B 60ms
60ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Wed, 07 Feb 2024 02:08:20 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
293 B 141ms
140ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://orca.security
Date: Wed, 07 Feb 2024 02:08:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 220ms
220ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 221ms
220ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A21%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 mon Show response
obseu.itstarsbuilding.com/ 0
39 B 62ms
62ms XHR
application/json 2a05:d018:56f:b804:6115:ed34:65c7:21ff
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.itstarsbuilding.com/mon
Requested by: Host: euob.itstarsbuilding.com
URL: https://euob.itstarsbuilding.com/sxp/i/7432380ce3d59e6e299bcd0897e20b99.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b804:6115:ed34:65c7:21ff Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://orca.security
date: Wed, 07 Feb 2024 02:08:22 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 271ms
271ms Image
image/gif 2.17.100.193
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225005%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.193 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-193.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:08:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.co
URL: https://t.co/i/adsct?bci=3&eci=2&event_id=5ba76e7f-172c-4cf0-9f22-e148e2de7ca9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=34e5e949-f829-4643-bb21-6baf469084db&tw_document_href=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4qyy&type=javascript&version=2.3.29

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5ba76e7f-172c-4cf0-9f22-e148e2de7ca9&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=34e5e949-f829-4643-bb21-6baf469084db&tw_document_href=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4qyy&type=javascript&version=2.3.29

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=12faf3ac449b44ed37787fef7b8b3d09&svisitor=null&visitor=fca3e15d-160d-4d10-8f69-0e8cd2428b42&session=f11ebf63-f3ed-4a1f-88fd-ebe345d181d8&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2007%20Feb%202024%2002%3A08%3A23%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%226005%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Orca%20Security%20Research%20Pod%20discovered%20three%20vulnerabilities%20in%20Azure%20HDInsight%20that%20could%20lead%20to%20privilege%20escalation%20and%20denial%20of%20service.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Azure%20HDInsight%20Privilege%20Escalation%20and%20Denial%20of%20Service%20Vulnerabilities%20%7C%20Orca%20Security%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&pageViewId=f1901487-53a4-4200-8348-903b53d17ce0&an_uid=0&webTagId=2aa3d219-295b-4023-ba43-3c4bfa09c5a7&v=1.1.14

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.orca.security/	1970-01-20 20:24:07	Name: _gcl_au Value: 1.1.2017189719.1707271698
.orca.security/	1970-01-21 03:50:31	Name: _mkto_trk Value: id:796-PBW-559&token:_mch-orca.security-1707271697614-74563
obseu.itstarsbuilding.com/	1970-01-21 02:18:22	Name: cg_uuid Value: 1c612ec7298a63f317e3dd43fc759413
.orca.security/	1970-01-21 03:50:31	Name: _ga_ZJX9BKF7WR Value: GS1.1.1707271697.1.0.1707271697.60.0.0
.orca.security/	1970-01-21 03:50:31	Name: _ga Value: GA1.1.371219492.1707271698
.try.orca.security/	1970-01-20 18:14:33	Name: __cf_bm Value: A.8H5cM86DWRjLdTSKMFnVO1ZFx4GRZR2sB75DbZKeo-1707271697-1-ATNGMXnPZ1JM7o2Ulg/Ndzr7bgbsGoepKbr8BjYTpyD1oeb89yoe7nUnLdF4MTDqT/ThD63AQ7XE+mAqBEYVYm0=
tracking.g2crowd.com/	1970-01-20 18:34:41	Name: _session_id Value: 265cc9d3495e4a7d882c43b8eac8a595
.g2crowd.com/	1970-01-20 18:14:33	Name: __cf_bm Value: QsQPcnvuTBonP.xvcSZWdGkvo87LCKVIt_BwxCbYjOo-1707271697-1-Acz2Xsi+SZppGkDM5Bkxpss59dade0QHy9YsDny9aTGDF/QwYfNeUo63nOfVn5uvHFuyv2Atu8DsCBMaLj57T18=
www.clarity.ms/	1970-01-21 03:00:07	Name: CLID Value: d6c8b7bf1912464ab9604c10b9240c48.20240207.20250206
.orca.security/	1970-01-21 03:00:07	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Feb+07+2024+03%3A08%3A17+GMT%2B0100+(Central+European+Standard+Time)&version=202310.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Forca.security%2Fresources%2Fblog%2Fazure-hd-insight-vulnerabilities-privilege-escalation%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0
.doubleclick.net/	1970-01-21 03:36:07	Name: IDE Value: AHWqTUlguy67zyV-wrO5Oi9OWcNuqaURMu-ETwekkZ2XCizw4Ka6eNtYajaoSTv1
.linkedin.com/	1970-01-21 03:00:07	Name: bcookie Value: "v=2&00df2cd9-f8ef-4abf-884d-721e539844c8"
.linkedin.com/	1970-01-20 22:33:43	Name: li_gc Value: MTswOzE3MDcyNzE2OTg7MjswMjGgmkjMD7tWB8WVBmIUcNZrWKn8vEtd8fmDxg4nOldM2w==
.linkedin.com/	1970-01-20 18:15:58	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2712:u=1:x=1:i=1707271698:t=1707358098:v=2:sig=AQE5xi4Sh9e2bcux2W6Orf2415n8dD8H"
.orca.security/	1970-01-21 03:00:07	Name: _clck Value: j5r3ng%7C2%7Cfj2%7C0%7C1498
.orca.security/	1970-01-21 03:50:31	Name: __q_state_gndr1NireXGRNRuC Value: eyJ1dWlkIjoiMDExMTZiNjgtMDI5MC00NWZiLWJiM2MtNGQ5MDc0N2U0NmNkIiwiY29va2llRG9tYWluIjoib3JjYS5zZWN1cml0eSJ9
.adnxs.com/	1970-01-21 03:50:31	Name: receive-cookie-deprecation Value: 1
orca.security/	1970-01-20 18:24:36	Name: _an_uid Value: 0
orca.security/	1970-01-21 03:50:31	Name: _gd_visitor Value: fca3e15d-160d-4d10-8f69-0e8cd2428b42
orca.security/	1970-01-20 18:14:46	Name: _gd_session Value: f11ebf63-f3ed-4a1f-88fd-ebe345d181d8
try.orca.security/	1969-12-31 23:59:59	Name: BIGipServerab57web-nginx-app_https Value: !Fz8ar60lKU8VCKKkCIQPm+cqSAXSESCisZilfJdhFeLKhVE7T9nus+amxI8+PJl6oqAhkDicMQV2eJY=
.orca.security/	1970-01-20 18:15:58	Name: _clsk Value: 1mw18j8%7C1707271698934%7C1%7C1%7Cu.clarity.ms%2Fcollect
.5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/	1969-12-31 23:59:59	Name: _mkto_trk Value: id%3A796-PBW-559%26token%3A_mch-orca.security-1707271697614-74563
.5f6b2d0bd0ea9d00689c778b.services.infinigrow.com/	1970-01-20 18:14:35	Name: __ig_cookies Value: true
.6sc.co/	1970-01-21 03:50:31	Name: 6suuid Value: bd6411021366010012e6c26531030000e6a8dc00
.orca.security/	1970-01-20 18:14:33	Name: _sp_ses.8996 Value: *
.orca.security/	1970-01-21 03:50:31	Name: _sp_id.8996 Value: 610bc266-b098-4cae-a56f-970f52f3bb78.1707271699.1.1707271699.1707271699.f0b3d98d-6f88-4d1b-9e2a-5268ca340e10
.bing.com/	1970-01-21 03:36:07	Name: MUID Value: 39A38F6FFA816F17021E9B71FB2D6EA4
.c.bing.com/	1970-01-20 18:24:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:36:07	Name: SRM_B Value: 39A38F6FFA816F17021E9B71FB2D6EA4
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:36:07	Name: MUID Value: 39A38F6FFA816F17021E9B71FB2D6EA4
.c.clarity.ms/	1970-01-20 18:24:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:14:32	Name: ANONCHK Value: 0
.orca.security/	1970-01-21 03:00:07	Name: _zitok Value: dfb9400dfe28a0080d741707271700
.zoominfo.com/	1970-01-20 18:14:33	Name: __cf_bm Value: Ni2Xr2faE5YWKEx7s8e0CR6Lvi77npdIuZbMv3Mrmh8-1707271701-1-AasNUh1L/tc50LDLxD9zaPy2Z8KP2WU4UvXvllxGN1YPxTNayC8q9e+LxXhwpKaOLhM4djvHc6WPrKcgu3oauEY=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: W2F9Y.Zuwhv_8h5voeTLlg39LqljM0I7Kjio19rbOgw-1707271701085-0-604800000

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: '*'.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/(Line 2302) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/(Line 2302) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/(Line 2302) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://orca.security/c12e78e8-11cc-48af-b6ba-48b054998a92(Line 1) Message: Error
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://orca.security/wp-content/themes/orca-2023/dist/images/orca-research-pod.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://orca.security/resources/blog/azure-hd-insight-vulnerabilities-privilege-escalation/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: 'unsafe-inline' 'unsafe-eval' 796-pbw-559.mktoresp.com .algolianet.com .twitter.com .company-target.com .qualified.com boards.greenhouse.io cdn.cookielaw.org content.hotjar.io ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com embedwistia-a.akamaihd.net .wistia.net .onetrust.com .orca.security googleads.g.doubleclick.net .googleusercontent.com .marketo.net orca.security .wp.com .linkedin.com static.ads-twitter.com .hotjar.com stats.g.doubleclick.net t.co .demandbase.com tracking.g2crowd.com .hotjar.io wss wss://ws.hotjar.com wss://ws.qualified.com www.google-analytics.com .google.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.com.au .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.com.sg .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat www.googleoptimize.com www.googletagmanager.com www.youtube.com .gravatar.com ad.doubleclick.net analytics.twitter.com boards.cdn.greenhouse.io fonts.gstatic.com mc.yandex.ru pagead2.googlesyndication.com pos.baidu.com translate.googleapis.com .bing.com region1.analytics.google.com api.mkmediaworks.com blob: https://orca.security/5fc9ffbb-97f6-4f2c-b9d4-572461ee66bf cdn.linkedin.oribi.io obseu.segreencolumn.com www.google.cn www.google.com.eg www.google.kg www.google.tm www.gstatic.com www.google.com.bo .adsrvr.org sentry.io euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms www.googleadservices.com 5f6b2d0bd0ea9d00689c778b.services.infinigrow.com lh7-us.googleusercontent.com cm.g.doubleclick.net ssl.google-analytics.com www.facebook.com id.rlcdn.com dsum-sec.casalemedia.com partners.tremorhub.com pixel.rubiconproject.com s.w.org token.rubiconproject.com rapidsec.com munchkin.marketo.net o95209.ingest.sentry.io s3.eu-west-1.amazonaws.com translate-pa.googleapis.com .linkedin.com .algolia.net orca-2024.go-vip.net .6sc.co .6sense.com js.zi-scripts.com ws.zoominfo.com secure.adnxs.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' boards.greenhouse.io cdn.cookielaw.org ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net euob.segreencolumn.com fast.wistia.com fast.wistia.net go.orca.security googleads.g.doubleclick.net js.qualified.com munchkin.marketo.net orca.security pi.pardot.com script.hotjar.com static.ads-twitter.com static.hotjar.com stats.wp.com tag.demandbase.com tracking.g2crowd.com try.orca.security www.google-analytics.com www.googleoptimize.com www.googletagmanager.com connect.facebook.net www.google.com www.gstatic.com js.adsrvr.org edge.marker.io obseu.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com www.clarity.ms www.googleadservices.com tpc.googlesyndication.com snap.licdn.com .6sc.co .6sense.com; script-src-elem 'self' data: 'unsafe-inline' app.vwo.com boards.greenhouse.io cdn.cookielaw.org cdnjs.cloudflare.com connect.facebook.net ddzuuyx7zj81k.cloudfront.net dev.visualwebsiteoptimizer.com dss6ntp5q2r0o.cloudfront.net .wistia.com .wistia.net .orca.security googleads.g.doubleclick.net .qualified.com munchkin.marketo.net orca.security .hotjar.com ssl.google-analytics.com static.ads-twitter.com .wp.com .demandbase.com tpc.googlesyndication.com tracking.g2crowd.com .googleapis.com .google.com www.google-analytics.com www.googleadservices.com www.googleoptimize.com www.googletagmanager.com yoast.com rapidsec.com s3.eu-central-1.amazonaws.com www.gstatic.com www.youtube.com js.adsrvr.org edge.marker.io api.company-target.com euob.segreencolumn.com euob.itstarsbuilding.com obseu.itstarsbuilding.com .clarity.ms obseu.segreencolumn.com snap.licdn.com shortstack.services.atlassian.com .google.ca .6sc.co .6sense.com js.zi-scripts.com; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline' orca.security .orca.security fonts.googleapis.com; style-src-elem 'self' data: 'unsafe-inline' .qualified.com fonts.googleapis.com .orca.security orca.security www.googletagmanager.com www.gstatic.com p.typekit.net .wp.com; style-src-attr 'unsafe-inline'; font-src 'self' data: assets.qualified.com fast.wistia.com fast.wistia.net fonts.gstatic.com github.com .fontawesome.com orca.security themes.googleusercontent.com use.typekit.net fonts.cdnfonts.com static.zip.co fonts.googleapis.com at.alicdn.com .orca.security .wp.com; media-src 'self' app.qualified.com .wistia.com embedwistia-a.akamaihd.net .wistia.net ssl.gstatic.com blob: data: www.youtube.com; object-src 'self' .wistia.com embedwistia-a.akamaihd.net orca.security; child-src 'self' app.qualified.com boards.greenhouse.io fast.wistia.com fast.wistia.net go.orca.security s.company-target.com try.orca.security www.youtube.com blob: .google.com .adsrvr.org insight.adsrvr.cn; frame-src 'self' 5gtvu7km85.execute-api.us-east-1.amazonaws.com .google.com app.qualified.com .opendns.com boards.greenhouse.io fast.wistia.com fast.wistia.net .orca.security orca.security s.company-target.com td.doubleclick.net tpc.googlesyndication.com www.googletagmanager.com www.youtube.com .adsrvr.cn .adsrvr.org app.marker.io lsrelay-config-production.s3.amazonaws.com obseu.segreencolumn.com obseu.itstarsbuilding.com schools-blocked.s3-website-us-east-1.amazonaws.com login.microsoftonline.us widgets.wp.com; worker-src blob:; frame-ancestors 'self'; form-action 'self' .orca.security orca.security; manifest-src 'self' orca.security .orca.security; report-uri https://osweb25b8034a79abb3.report-uri.com/r/t/csp/reportOnly
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f6b2d0bd0ea9d00689c778b.services.infinigrow.com
796-pbw-559.mktoresp.com
abzbmmyyoz-dsn.algolia.net
analytics.twitter.com
b.6sc.co
c.6sc.co
c.bing.com
c.clarity.ms
cdn.cookielaw.org
ddzuuyx7zj81k.cloudfront.net
distillery.wistia.com
dss6ntp5q2r0o.cloudfront.net
embed-cloudfront.wistia.com
embed-ssl.wistia.com
epsilon-cloudfront.6sense.com
euob.itstarsbuilding.com
fast.wistia.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.qualified.com
js.zi-scripts.com
munchkin.marketo.net
obseu.itstarsbuilding.com
orca.security
pixel.wp.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
t.co
tracking.g2crowd.com
try.orca.security
u.clarity.ms
ws.zoominfo.com
www.clarity.ms
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
analytics.twitter.com
b.6sc.co
t.co
104.17.70.206
108.138.15.119
13.107.42.14
142.250.186.130
146.75.120.157
172.64.150.44
18.245.46.27
18.245.60.108
18.245.86.127
192.0.66.102
192.0.76.3
192.28.144.124
2.17.100.193
2001:4860:4802:32::36
209.58.137.100
2600:9000:2057:5200:8:8d2f:9e00:21
2600:9000:211e:3e00:1e:c86:4140:93a1
2600:9000:211e:d600:1e:c86:4140:93a1
2600:9000:214f:9800:8:7bee:ac40:93a1
2600:9000:266e:ba00:10:7994:d200:21
2606:4700:4400::ac40:90e1
2606:4700:4400::ac40:9b77
2606:4700::6810:880f
2606:4700::6812:1005
2606:4700::6812:83ec
2620:1ec:21::14
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9c
2a02:26f0:480:f::213:7edd
2a02:26f0:ab00::214:8e70
2a04:4e42::644
2a05:d018:56f:b804:6115:ed34:65c7:21ff
35.71.131.137
37.252.171.53
4.227.249.197
68.219.88.97
88.221.60.75
005399c6c3716a18a1225732e29d7dcce77c8a093021161c0e00f4d6dda7e442
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
00d983ce9c2db4c5f5672f77a5a3e10c609e9ad4148aa89ec3df51f2dc1e779b
01c0908883c6fbc352a302170f1a8863b306b4f71cc11daea1da4c37f6d0acc1
04d9098bdbd3c1231d3dc51643ff72785b9fa919676cda7936ca24433d144232
0542c5a98349aa30b87a9923c5ccb2dc35014ecf902e82c8e32faec9e4ac3751
06fbf76bf46d824c5ff33fdddbaebc08954ed04c125ddb8c7f210309fcd4c88f
0b4f9731e356605b5e26444de20bc8c2a5295e5e3359bb76b6006d25536b8da6
0b57da8a8837aeafe495ee4334cc66e4272ce8b9ef426b041734eda6c443922e
0d087be61225a7e3cdc3cd46d4af78ce90badc7301d49c64a44abd919ab9e30d
0de9d165bf18a8f6c290ad0b391528bb7dca74732479dd3c46a8c4d9f6846235
0df18c32cb7381c8fea60180bb84ad147116e9eedb189c1fc3c44026d20b31af
1039079733f5bd1fb167a570c65e6843547b9380c8d45d3ec3ba665a9dc15e28
10cd2bd88d9c59e9f40ab1a9d10b32b791910bcf6a4c482a3a2a8ec3b4dd1651
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
160dfc817c65edbb6c32670c6434046ad7ab624ac9bcfd9c1aa6694f3c922483
16f11b299f5229f0087fc6c3ef30e126342f7749b8c5f49b9bd7228064e460a5
170d49d2f211ea86c7901313cffff4e64cf0fec56d75c964ca99457871295440
1acd2ddce44226de9ce45da431ad15a4d8512202bf04d9922dd876e2c845de7a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c430e4f8fdef1e696462cf37f9f258a960cb2295029cee4831461f5cafe9e41
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1db6ceb28ebc8d2a17ae00c0be97bcbaad06bb5949d37ef9d5f5562420de0f24
1ede50389f3f336c156d47a0d369cac251fbb9e176939ff0ad4f752f94b87296
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2362a00c5e70fc5a375f7d6ec03e9f1c6a44fff4a192023289aaa962a634ff17
2427db0a446c20e1d51d94c99803c2b60f7f0130b3d04117b9cfe61be77ad09d
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2923c81904d1122f9d03aaa1315f3ab9767da4904bded7d776e6c8d6e7bc49e6
2a674688eae17fd5edb4f39fd2b30ed7649544a4913ad6ec471188bab01f50e4
2cfeefc415877d8864e9c4f1b95d3785297407cf7a8cf5d90d2c6fda421a41d2
2db8c65bb0cb90c838febf4889282fd8955b140d5e1424463c597ce25d8e517c
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f6de68c5b89d8e658deab59d371c31b4bf9b12c7371dcaa660fa49b0b1299ad
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
363afd630a0ffee17e99b5becafd03af75e353cee12162b372b8c921fb70fb71
383077e47cf3dbb3c42bbde97294c69f704d251c0c0eb5ab839b87c7565aff79
3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc
39a40c3f9c0f4b126a8484a03da4f80f6eee667072e86015a425c814e8843b15
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e58578e20d1c6f8bbb0587a4843e49b806704e5cd346c10ebe93f418d1814ff
40a12453cc8c810dcce7dbc7ac7d7803bbe40bffc360ca77b73cc2feac56953d
4434d44d437a163408220aa8e2885f8ffd90a179cd9cfb2d321e1dfd29b6bbb0
45bc49e6099227777b8bc79c88e210c2c53a530c40b3ab0141a25b1f15b581fe
48a1c5357f10501a6c576d99d9dae33a11d3b9fe26f4b135ba3e5f5a757d95e9
4976769ff1a9895478cd633c29b2204d933cc906d96f731e6286934c24f4df70
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4deb556de96868b8dca5e9b12aed579e6d5df6c8a91c79c2ed28997a8e5bd7a5
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5359c1effe74a75b7c56aadedaf40fc347e4803ed40b48ba21b5a2b89b9c5adb
53f47324b4d0e63d370b1469fd420ea4ee200e1a4cb98682f43904b39fe37545
54fc4e136dd938397d9004a9439be45964418fe04af69e90c60cc4107718fb0c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
567e9e8ca7d0f6f245c1f6dc1c4bc2684fc9c50a12ae88af7c202d990d8163cf
56fcf3a805bb2c46e887358cd4f6a7842c18a35e45a0ae2277afd0a47627ba5e
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
585bdce5d5518653bacf3e7ed038370ea4974eef6ecc8647bd0107a50b771d15
5a2a4e488576ac609d10813578e0b7f7406dbec79b73d3e07743e6a892c28e63
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b142c8284409f7a1c6a7d89ad708ff0548be568b43816a721f8e30daec476ba
5f51fac826bb43d5d239f767a2ec88b8da836610fb9cd6960aea9d6e4ffcf0d1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
615fb10a6705cadeb9a62d38cefbc3e3c745366e69536c0e4bb18d0c0bff8e90
62a3262aea8befe6e0ebdbe600be46e7396cb297b11755482776ec78b8d2765f
62b094c8c6de4d9922f7df6ce3ef08cd6945cb34700145c37dd4e4fb8b324687
62c361119951ce313444e6c5e1ef241e3a12dc43f88bfb25dddd304cefef913e
65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6ad21910ff0e53c0df3de8960e92cd8f245cef49bf51506f2e0c993d30b7adf2
6d163e23b1735df3a5efbc7ed141a75230116c5d950fa5f49b6abaafd161f350
72890f0cab51943c86cf1a54bbaf6486496c5244846dfa32169858fa19ddd6d0
72aa53192936d0d86f393286cdc633956b9019d3e05259f8ee61158cb40795ad
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
75b2428ffe32319631a13395b0b3361b35809973273d90a0cfa4f50491559fea
769b701a65ea950ceb6b1a36f4707f3d0afdc34f63af89746dd31be50b8114c9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7b205f4a91ffaf2772eacbe701f3a4072c0875e6749b28ba1eecad9906fb8f41
7babae28966f56b9b1c0a4ddb58fd902dbbc5e08faa3c6db5605d7ec5b6380f3
7d5c0fb38611921f53d2572bec0da1dc619d2b98dfebe69614fcd12f03ff5fa3
7f43c039df87253c09c05c7820cb76bcc6ef4da2c410bde4f10448fd115a2bc2
81cf9d1b824e048e06d4527737e0fed697c5c508620da288ad24a0df22ebca21
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
84f3868dfda36ec5d88581f12edd89db12804a4ddaa40789b6a4b3872202a5fa
85fa9e907131c0a08bd1323f6da094bb52e87d395a4830a494ba3e640ca8a233
88da3de1dc2c227432343cdf8c04ff54cc97013a9c57a1f1eda56ea5a37e8b9c
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
915387bf75776249ae1c1be9429669d5120eaf4592d77fe3ec18bb67365080be
923b5e4414ace31808803973c466cbaa8b0fcbcb6c020d2a973bd2b197aac96a
9335023f487ddb577eab2bf78694d24b4937ec0bc14242ade70d4861248c758e
9427d52ab5fb6d550d7d77b8d2ca2890a3b55121f26c71cd081ac031e2c16c9a
943127a312607490e9c6f19d006cc14acc56c8d7946eb8650921416a4fc0a6f6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990ebd25f3a7612440c94770d525ec652f279078e1ff093c93cee24ce2d76e46
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ebee226746d25c55a25ea2d9a4b8d1d28893fabbcda92ae7a3adb648ec25aa
9a8e6c5de89137f012b66192de46e51c7bf2d77eab569b535aa476a858b24f28
9d2e1f7c74ee7d8f55624dba11806f1e94e7fe5770232429bf37247a7bdf5a08
9da5c4d7969780a833c887b65df58a3b6abe8fdac34dfaafd12fb821dfe88a52
9f8b438d6e93fb1a7708d7de42b01e96b8b187fe5a717689dd0bc2847fdcb8c0
9fe294dd92bae24a09f466290e3daf5dbebb6a2dfed460c72b2d4ec8fefd337d
a26c6b08f043efef7e236eb6464e096f0d0a995c35c5f6074d4cc1c695cbe9b0
a27830e6bf605d0f7701f45b9e8cb7232b33b9eae671c595497129675c15b496
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3b2b4822b0b8c3f9132352886ea979317c4dc69ffb3be36e3bc198ea515bfd0
a53ebf99d21e667066a20cad4eeca84b1bac65209cd408e22b38947da1d0fd12
a6bb7efba5e9e1282a6ad4b644f5ba3fa12578664f28a4019b0d1cfcda3c5dc5
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
a9b39333ce603a1ceda459502309beb189da55aae93fa92ff7c41f9fab8fa0d8
ab5a3c019aae66caee74e5057ba78559dd257aa41414f42af3ebd44c912b0fee
ad234f0985f2142bb1fa3a281ddf2511d320f84f73422df2b2384f115b4b9131
b032706fdf93ea01a6a7e5788f4269c4fba9184967cdb055f831d265b6ab925e
b185aaeb02a3922c60ee4489b5e29072f370bbb27462a35a8443c53f2bf9ef62
b20e1e57de4041d2c702161b87cb0307cbcb35b386b72bc4353c341cd8de55e0
b2b83686b998dca41fa8259ef256b506f1182507b7d2cf8740a506c4acc4189f
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b91cff392fbdad472a9d7da3966552ed21b1f419be23e207f34ce15b6f87085f
ba4b9e500c3f32406522faa989ea4eb47ebf2b5f35e071451abb16fccb1d68e1
baa629af82ac18d562be09963b07752911c5fbddd40ddeeac82cd4cad9e0b0ba
bceff0710e3a7fe5b3622265c48b6fbc055cf071df80ef5f36ffc69550296664
be168a37f181bb9e9da6ac774305a1caafd8f60b774db0adab0c19cc4a9e2d09
be64da47ffc5fc1e40ba8205a0974330a76815e151e84ba365a750a7c96f1d1d
bee7c68dfa7f1cd2d606bf22dc1710ff295a7c842c4fcd6f165c3398b20b30c3
bfae35edc61595bd27d16c01ddc44ef00c152c0006e16f836101d3b6a6621d01
c01c3ea6d9369a98891f5f9bc59955329dc6df20da11121a935c24fa2b27ccd9
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c26d64f0a485a7ab0ec09606b78be9b3d1383afff6efde548b386f939122984c
c40e7ca259f84db3323098c01530bb15eff259c388fbc93b41f9c3c5b335c6dd
c42c95c9fc7fe1aa2b76664feba1a262a2219640e7aded249408a579b5b7442d
c8276e755aa097a79185d1adf2d549c34514c66e5ec60322b08b34f6838caa05
c8f6428d72ad132b9dfa15bfe9c9023323fc4e180e62d5f02b54eff2f2eebce0
cb42ca94cfebcec64f4c5f01a67af01b6ac1fb851e2b97e3cf30d3bd7093d2ef
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb80aeddef3b87d051bb4a14089f3f2ccf9bd67aae9580dc9615fa3bc24a9c6d
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd967e1dbbe051fd7cc1029643231f25794da1cfabaa31efeae11c019c3d0e5d
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d12246ba8ded5dd8ef38c14166862c692ac1e5b8eef5c388ce468ab47fb24782
d3b51c510f7d2a3ee7c9e1990c712879db89bc8bac614b30add22f61b74d2a53
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d493c7b994b930abf394aecaa7b6fef4b1ea45a877fe46ee677fa80e6b9e50d7
d9a468175191421dd4614dc35cc6209983abdf4691f0eb73c9e622b734d45a16
da678f65d7cf9d50409be667aaeba20218dfb261478a13b6602d117b09e08a5b
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dae9418957c9f7eaf34d217aa4a4cec45137b1d7d41933a85c7acf3baee4bb88
db1871ffa95c0cf965a3c672a924d2122a1faaf164961b82bc7b1b3273385a5c
dcb295c8fe68cee7b5f3ba9cc489f9a2d88d11d4612777ef0609a3c5f38935f6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e20c96db83bf094914b664379f2064d1ff98163d2edebc7b955374de2875f631
e24bd3998ec466450d4bba6e92f351a8a429369148f2697e9ee33d26cbcab364
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65632b8cb6ac743d81953df761e8dd233cf7bf18bc179153180d0ce3bcef65c
e6d5bb155c0f8d862a1ce1cef045b3762649307c88a2543d6f76a4b735523855
e728b459fb488fd5423a93f76b91d0b70689589ece46c379d76ab4364b4fc1e1
e7b2c4427c0d8ccd45a7d3381a13801a6cbe8576c81584fbcf6d823149560d32
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
eb971e0c3bf577f2fb1e39766e5861285ecb849467cfe3ed64252430cc95c5bf
eced1a4c85eefaadd56a75120dff397474d171e7f24b0ffff7a98ac426e42ca3
ee5b2d55502f6214cbf45878d363cbf9304ee7cc6def3f561de93c7b6f71b0a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5f4037aae149a7ecc7f0ac0aacc4389181ca29b8232ced5423faf71229367e6
f6016ce7fb7938e9118e1a0d29a1388f5aaa0b25bf7f65df70fb3e31422d0465
f7347c2b3c0649df0a10fdd68d29cc0ff17a250992a2f5f5cce375f71a9aa8d5
f88eb9b6ea2ddecf6dab3e397c92e757e562f78dad657c7c96ba193966abea32
f9058b22f0c28da12ce86e24e517793315a78f2f4891d2674c4b70f6ceb8e481
fa27a7e4dadb5bba785cf325bc37f2be82be36b93d53efec5e3c1cd185b05bf4
faf6e6e3573dc6f4be5e7efe63ccd97dbe4b5a63de4ca70f8587566ca91063e1
fb8189d5d2e3f2f0e73091ea2f1751bfb4e493de73849950bfa5e66fc0d616e5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe4b5ade9f33e7f8e2d72d4773c6053910543f2a3414832ef767828100add5cf
ff2fcb47c87bece8773122f01642ca316eddf106d8d2667000d2ac2963f1f29a

orca.security Open in urlscan Pro 192.0.66.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

233 Requests

97 %HTTPS

57 %IPv6

32 Domains

49 Subdomains

44 IPs

5 Countries

9346 kBTransfer

15302 kBSize

37 Cookies

24 Outgoing links

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

orca.security Open in urlscan Pro
192.0.66.102 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

97 %
HTTPS

57 %
IPv6

32
Domains

49
Subdomains

44
IPs

5
Countries

9346 kB
Transfer

15302 kB
Size

37
Cookies

233 HTTP transactions
3 data transactions