URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Submission: On February 10 via api from BE — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 71 HTTP transactions. The main IP is 2606:4700::6812:191, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ired.team.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 27th 2021. Valid for: a year.
This is the only time www.ired.team was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2606:4700::68... 13335 (CLOUDFLAR...)
42 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.22.119 16509 (AMAZON-02)
1 2a04:4e42::282 54113 (FASTLY)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.195.249 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:50c0:800... 54113 (FASTLY)
71 11
Apex Domain
Subdomains
Transfer
47 gitbook.com
app.gitbook.com — Cisco Umbrella Rank: 84977
www.gitbook.com — Cisco Umbrella Rank: 122258
2 MB
12 gitbook.io
2603957456-files.gitbook.io
442 KB
3 googleapis.com
firestore.googleapis.com — Cisco Umbrella Rank: 2018
9 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 ired.team
www.ired.team
424 KB
1 mitre.org
attack.mitre.org — Cisco Umbrella Rank: 283338
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
36 KB
1 sentry.io
o1000929.ingest.sentry.io — Cisco Umbrella Rank: 104477
244 B
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 1921
706 B
1 iframe.ly
cdn.iframe.ly — Cisco Umbrella Rank: 26765
7 KB
71 10
Domain Requested by
43 app.gitbook.com www.ired.team
app.gitbook.com
12 2603957456-files.gitbook.io www.ired.team
app.gitbook.com
4 www.gitbook.com www.ired.team
app.gitbook.com
3 firestore.googleapis.com app.gitbook.com
2 www.google-analytics.com www.googletagmanager.com
app.gitbook.com
2 www.ired.team www.ired.team
1 attack.mitre.org
1 www.googletagmanager.com app.gitbook.com
1 o1000929.ingest.sentry.io app.gitbook.com
1 cdn.polyfill.io www.ired.team
1 cdn.iframe.ly www.ired.team
71 11

This site contains links to these domains.

Domain
www.linkedin.com
github.com
twitter.com
www.patreon.com
www.gitbook.com
policies.gitbook.com
Subject | Issuer | Validity | Valid
www.ired.team | Cloudflare Inc ECC CA-3 | 2021-10-27 - 2022-10-26 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-16 - 2022-06-15 | a year
*.iframe.ly | Amazon | 2021-12-02 - 2022-12-30 | a year
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-06-04 - 2022-07-06 | a year
*.ingest.sentry.io | R3 | 2021-12-23 - 2022-03-23 | 3 months
edgecert.googleapis.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
attack.mitre.org | R3 | 2022-02-04 - 2022-05-05 | 3 months

This page contains 1 frames:

Primary Page: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Frame ID: 410E8398901B8E1636796B37784E6641
Requests: 72 HTTP requests in this frame

Page Title

Installing Root Certificate - Red Teaming Experiments

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

71
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

3200 kB
Transfer

14415 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request t1130-install-root-certificate
www.ired.team/offensive-security/persistence/
2 MB
424 KB
Document
General
Full URL
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
ae2d50241a5a8dc73dfe46fa805d284d4d7f3f787d92eb821d974764c4fd9b3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com 
translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com *; form-action api-iam.intercom.io intercom.help; media-src *.intercomcdn.com; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 10 Feb 2022 16:30:57 GMT
content-type
text/html; charset=utf-8
cf-ray
6db6b99a4d2991d8-FRA
age
65494
cache-control
public, max-age=86400, s-maxage=86400, stale-while-revalidate=3600, stale-if-error=43200
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
function-execution-id
fpk6xglmvnm2
referrer-policy
no-referrer-when-downgrade
x-cloud-trace-context
f9fcbee0ba356bed03fbbcbc8a28ccdb
x-content-type-options
nosniff
x-powered-by
GitBook
server
cloudflare
content-encoding
gzip
Roboto-Bold.woff2
app.gitbook.com/public/fonts/Roboto/
62 KB
63 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-Bold.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdsAwmq3zIiLk5eMT9Pufd6VhzLw0xi6zPImrY4EwVNvIT3_KUg0vl3gomQtXtvZXmh28q64OeClvu3HO2OFlQg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
63512
cf-ray
6db6b99bcd73910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"9912eb289b9a8018ffe746b38a1f4138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=B6lSQw==, md5=mRLrKJuagBj/50azih9BOA==
x-goog-generation
1633848364340633
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
63512
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:40:56 GMT
Roboto-BoldItalic.woff2
app.gitbook.com/public/fonts/Roboto/
67 KB
68 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-BoldItalic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe67ac80a18e468ba4e9fc2138ddf670e168fb92b38ed1e71da54eecd420d9d

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdsFYEld59d4tPqKvXQElGcoFvV3id-e5sc9LHOb-k6fj_99Mx1OOzsSvDP2BoYFAPbfbgsph3uj_sOgGW48p7R5bcPKUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
68744
cf-ray
6db6b99bcd7d910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"1273f039c2c87185606d174ef2fb8bda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=sDfENg==, md5=EnPwOcLIcYVgbRdO8vuL2g==
x-goog-generation
1633848364530844
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
68744
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:58:00 GMT
Roboto-Black.woff2
app.gitbook.com/public/fonts/Roboto/
62 KB
63 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-Black.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc85ca1807422f0603716b43ec3f6544ae0a2f395bee02ad3eeb000c2a2aaf86

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdt4LnFNVND5JqZj_zsMGfhS1g1YYQPghLsjy0Dg89Qhk8bHkKjmaL58NGKMxT-chF2PN8J9qZf_DPF0B-epM-BygHkyzA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
63632
cf-ray
6db6b99bcd81910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"cf9856e6d82dec865920233cfb0e6434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=78g/3g==, md5=z5hW5tgt7IZZICM8+w5kNA==
x-goog-generation
1633848364343364
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
63632
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:58:24 GMT
Roboto-BlackItalic.woff2
app.gitbook.com/public/fonts/Roboto/
69 KB
69 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-BlackItalic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73971d2e544090ece7946c253f97ad012433034112729f30460561f1b3f3baa4

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdtSz31E9J6VWAnYfPbC4MK14_5y6xO43GAZGp65CAabcLmvz3XxknuN1JyL1_PbdGNriT3cILrBNaXfekpvOYI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
70548
cf-ray
6db6b99bcd86910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"0c0fe6e65641e22692eb54ccb1334e48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KPvcng==, md5=DA/m5lZB4iaS61TMsTNOSA==
x-goog-generation
1633848364395213
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
70548
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:43:21 GMT
Roboto-Medium.woff2
app.gitbook.com/public/fonts/Roboto/
62 KB
63 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-Medium.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474219c4838734328bacdf2229ee7aa9b960e1e22b36aa0b2440dee68b7ded93

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdu1y_CtwAV8-6ApdTm452RhVmC-C3y4Vm3PTKYOME2elLZUOsmDzdy9tN3xiQdhK3mo4ObGLRSV8LMowC69APY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
63888
cf-ray
6db6b99bcd83910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:03 GMT
server
cloudflare
etag
"1c1881cb681b2e87bdd7302d9cc04bea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=zcpdEQ==, md5=HBiBy2gbLoe91zAtnMBL6g==
x-goog-generation
1633848363751495
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
63888
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:07:10 GMT
Roboto-MediumItalic.woff2
app.gitbook.com/public/fonts/Roboto/
68 KB
68 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-MediumItalic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1588e257d5d5d137bdf245d5d1e6e9e89a7393e411feab9fcb28eba9fa615779

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdu7oXgCIMSTn2q_i_aJYWfl0v0x8ZOGjFK18lJQ2x4Jn7MtgKCKr08o6_JTpzFpiCAf5jjJDeK2gS8Pr6x9YxU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
69624
cf-ray
6db6b99bcd8e910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"8b4e1b9f7674c838783683866a8d62d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=cKMv6g==, md5=i04bn3Z0yDh4NoOGao1i1Q==
x-goog-generation
1633848364394105
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
69624
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:25:25 GMT
Roboto-Regular.woff2
app.gitbook.com/public/fonts/Roboto/
62 KB
62 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-Regular.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b37d775bb347246729d437f266c2dfcd705a9171580f6149ab673b10a3500367

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycduR9EyASkBbviPiv2398kVjFz10M8PSX11BtbBtyczOfiNCfFgAdtnF56_jDtTWtNpOE_1BiUYYadtWvPluiN5DPLcbDw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
63024
cf-ray
6db6b99bcd89910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"679aa1b8c499041bf78378f4a5b04162"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=L2wjbg==, md5=Z5qhuMSZBBv3g3j0pbBBYg==
x-goog-generation
1633848364360754
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
63024
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:48:54 GMT
Roboto-Italic.woff2
app.gitbook.com/public/fonts/Roboto/
67 KB
67 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/Roboto/Roboto-Italic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8789224140397e0644f8d3daf8aaa2733d8a357be81b239188de34b81b3cb11c

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196227
x-guploader-uploadid
ADPycdvj5oLfnVyq7b-vBHRkM0DiJbKqDKqymecu2s7_v6OU4M96dfpduUFjatjhu6WlsgyNRVDrc_ZN8ra1BC7yyLU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
68608
cf-ray
6db6b99bde02910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:03 GMT
server
cloudflare
etag
"390716e2322cc51a6d75368c6c6ab64b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=VFjRMg==, md5=OQcW4jIsxRptdTaMbGq2Sw==
x-goog-generation
1633848363952371
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
68608
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:57:14 GMT
SourceCodePro-Bold.woff2
app.gitbook.com/public/fonts/SourceCodePro/
57 KB
58 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Bold.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
391798381365eae6431d5301789e74ae40318b5a909f6732710c938f709dd15b

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycduQSM9xHJ-E6y6JEDonRTNFANXFX1vXT72crFh1DEMmqDhFQtXeepM8zepmjT03p88dafQ0ZaA5_jVrZ3DYow
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
58824
cf-ray
6db6b99bddfd910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"12902856238918991bbae82214419e26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=dA5QBw==, md5=EpAoViOJGJkbuugiFEGeJg==
x-goog-generation
1633848364495126
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
58824
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:09:31 GMT
SourceCodePro-BoldItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/
49 KB
49 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-BoldItalic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e9516397b60a1f72e680cd614eeae501cc05e8336b41677f6ddcf7ca91ce87b

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdvZrVZ-v3JcmyLwD6OaEPl6PAeAXuvn-G2Rxd_yMAeGjaMDuV7BrEdHmf6VRWEqZvcefNL6pHbVxsPUH7j_Ylo4UqpByw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
50140
cf-ray
6db6b99bddf6910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"b724e89b25def664af59a37f9535969d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=MbhT/w==, md5=tyTomyXe9mSvWaN/lTWWnQ==
x-goog-generation
1633848364404691
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
50140
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:35:14 GMT
SourceCodePro-Black.woff2
app.gitbook.com/public/fonts/SourceCodePro/
56 KB
57 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Black.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b06c0121019e577fbeb61926a76ab064ebf04641e17b3f3cdd31c5bfada827

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdtEt8IKqba6YuopBO7EkBHr-EMPkBMmfrGEWb-6su48c0Tmdf_xn9lJ8eMz-XGq0E7Hj55-izYXfRxXPXexeRc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
57780
cf-ray
6db6b99bcd96910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"f71e658e6aefc8d67ec9143ba16738f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=4jkfgA==, md5=9x5ljmrvyNZ+yRQ7oWc49A==
x-goog-generation
1633848364372673
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
57780
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:25:16 GMT
SourceCodePro-BlackItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/
48 KB
48 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-BlackItalic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91edc14c712c0f1f64767c76dc267782a71d64eef6a3fa0b78e3550b67031f7f

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdtxTTTBWqLNO-QBN2t3AnTi9wcf2k3dIWIm1g3rxKjYtR-V-l1xF7cIzDvHVis3k10BZGkPCCZ5oG4glU3Rtbw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
48884
cf-ray
6db6b99bde0e910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"c1594c3fd48f0a69854330d1e5aecfd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KGJVVw==, md5=wVlMP9SPCmmFQzDR5a7P1g==
x-goog-generation
1633848364884390
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
48884
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 10:00:32 GMT
SourceCodePro-Medium.woff2
app.gitbook.com/public/fonts/SourceCodePro/
57 KB
58 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Medium.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4527b523271b31ea23e2241eaa32be773ae97e2100a4cde9c4ea807f5bdf345e

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycdv4gAYZM6vRxsLWhnWhz_PB_bdqs0P6meWBqQMTPrUkyvLsj42EgubVsAAkIv9_78QNRbPcyYnYcOgXjJQC7Q8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
58744
cf-ray
6db6b99bde0c910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"fcd510e6482c7a55ba5b195381dcbf88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=P0k/Fw==, md5=/NUQ5kgselW6WxlTgdy/iA==
x-goog-generation
1633848364398993
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
58744
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:33:33 GMT
SourceCodePro-MediumItalic.woff2
app.gitbook.com/public/fonts/SourceCodePro/
49 KB
49 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-MediumItalic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142dda220b464de17ccaa3949b42543c6488ede54423361364bffb67ec054a2b

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
586667
x-guploader-uploadid
ADPycdsY91DREnn5rUze01Le5CWT1mJHWfFjT_SXxb3k0e2GgCFmIAgZtrAEKqCH9n7vgWiln7vWYigxiwoxAi5nT48
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
49784
cf-ray
6db6b99bde07910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"a399a11f4e1eb5cc906b096a1436f8da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=RDS2oA==, md5=o5mhH04etcyQawlqFDb42g==
x-goog-generation
1633848364578571
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
49784
accept-ranges
bytes
content-type
font/woff2
expires
Thu, 10 Feb 2022 21:13:40 GMT
SourceCodePro-Regular.woff2
app.gitbook.com/public/fonts/SourceCodePro/
58 KB
58 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Regular.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc43de0b7192ea8d141166fd138508b806a7742a19d60d376717d299249a721

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196226
x-guploader-uploadid
ADPycduWf-3jThYWRmTXc7En1cnwcihMDm-NonRr5vI8T8qIZLwvBntimTEtmM0Fva0JBazYYg15ouT9M6ei5BFUlx3kEWxKPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
59120
cf-ray
6db6b99bde05910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"7e7018fa71b6021605537b9f824e67fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=YqfMwg==, md5=fnAY+nG2AhYFU3ufgk5n/A==
x-goog-generation
1633848364862643
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
59120
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:25:16 GMT
SourceCodePro-Italic.woff2
app.gitbook.com/public/fonts/SourceCodePro/
49 KB
49 KB
Font
General
Full URL
https://app.gitbook.com/public/fonts/SourceCodePro/SourceCodePro-Italic.woff2?v=3.19
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be2edcbae84d5edd53e879a9a8d6c58a8eea966820ac287c0275a9698495518

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
cf-cache-status
HIT
age
196227
x-guploader-uploadid
ADPycdtITZZDEYN8_O8hhA__RhGwsGPV7hwTBLXtZ345ENDhP1hB1QYHsRXpzffuYV2orVaUYgo7Ot1ubFyMJPBOk6I
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
50016
cf-ray
6db6b99bde18910c-FRA
last-modified
Sun, 10 Oct 2021 06:46:04 GMT
server
cloudflare
etag
"f29e4a78544ca47f78bb54ce303347c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yEyPlQ==, md5=8p5KeFRMpH94u1TOMDNHyA==
x-goog-generation
1633848364300385
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, must-revalidate
x-goog-stored-content-length
50016
accept-ranges
bytes
content-type
font/woff2
expires
Tue, 15 Feb 2022 09:37:32 GMT
csharp.lazy-CSD2UH3U.min.js
app.gitbook.com/public/app/chunks/
7 KB
3 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/csharp.lazy-CSD2UH3U.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24189d8a1f5ac6beed5f9c19f384a917186c2f2a546b6cc5f4578a9c8a6b492

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1411147
x-guploader-uploadid
ADPycduwV6_wR71n3fEc2eFrMEYmv3z1o1oeoFK7W94IrbnfxevfQQTWJtwecFhb1pqzn357ClRE0g3PGmy9pwifzUc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Sun, 14 Nov 2021 15:22:06 GMT
server
cloudflare
etag
W/"27fb4ec34a7eec4b025fc52cd3303c99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=D+xXtw==, md5=J/tOw0p+7EsCX8Us0zA8mQ==
x-goog-generation
1636903326361942
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
6707
cf-ray
6db6b99bde16910c-FRA
expires
Wed, 25 Jan 2023 08:23:00 GMT
public-SU7MN35B.min.js
app.gitbook.com/public/app/
8 KB
3 KB
Script
General
Full URL
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d34cfc23f4240f56f29cc87c9647409a9807904efc0d6be5f0302aa4a8c036b

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdvW9kro9OQ4FyBBBghYR8k5I9CltFaCX6FqftIz53sbovE-nj_sCA0vmg2xVKn2dkytP0lojsscm09m6COrGJ0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"1c57f87264a73d7bed72d9676a3a6814"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=34jQ7Q==, md5=HFf4cmSnPXvtctlnajpoFA==
x-goog-generation
1644229560648460
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
8031
cf-ray
6db6b99bde13910c-FRA
expires
Tue, 07 Feb 2023 10:32:15 GMT
embed.js
cdn.iframe.ly/
22 KB
7 KB
Script
General
Full URL
https://cdn.iframe.ly/embed.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b836803e97f161fdf9ff088ff46b8b4b9211ef8a1759ee1b223923a2852c6ec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 22:21:58 GMT
content-encoding
br
last-modified
Mon, 31 Jan 2022 15:34:30 GMT
server
nginx
age
65339
etag
W/"61f80186-571d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Qg2JkN_u8vRqYsKPV7UxnTMpZEDSqHNd6yeydSsoyshCi_cIjZFiJg==
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
polyfill.js
cdn.polyfill.io/v2/
415 B
706 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.js?features=Intl.~locale.en
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5040037b99f33713b533de1799d81b07b984140ec146f1a1d0fecee19fa3482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1467258
detected-user-agent
Chrome/98.0.4758
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
219
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:23:44 GMT
date
Thu, 10 Feb 2022 16:30:57 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/98.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/
1 KB
1 KB
Image
General
Full URL
https://www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d624a9b45f2860bc9d67e56699a384e87ce9b441c8a30401787b702e734e2dc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept, Accept-Encoding
content-length
1073
last-modified
Sat, 08 Sep 2018 20:00:14 GMT
server
cloudflare
etag
"cfxEAstVGsILZwEUMa_yTuFg:2965c5f978755802debc0291c5574853"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=30 c=53 v=2022.1.0 l=1073
accept-ranges
bytes
cf-ray
6db6b99bc8099268-FRA
cf-bgj
imgq:85,h2pri
https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/
821 B
1 KB
Image
General
Full URL
https://www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept, Accept-Encoding
content-length
821
last-modified
Sat, 08 Sep 2018 20:00:14 GMT
server
cloudflare
etag
"cfORVgR5FT-ORC-PW8Ddvsrg:2965c5f978755802debc0291c5574853"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=67 c=27 v=2022.1.0 l=821
accept-ranges
bytes
cf-ray
6db6b99bc80b9268-FRA
cf-bgj
imgq:85,h2pri
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
28 KB
29 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png?alt=media&token=6c098d3c-c3f0-49f1-a284-248db726315d
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
2dfb402162bc924ade07c769a1be4113d060ee88cee93c24461f7955c91f0880
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
GitBook
x-guploader-uploadid
ADPycduPaCnz96GFWb0QnL5gOaDxpbwN0MurDm4afNFOSIVY9AMguyI8WsFTPQvrTZHwcVIPs5pwMdJ8EhlklUP3gfE
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-certutil.png
vary
Accept-Encoding
content-length
28361
cf-ray
6db6b99bd8b1697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"ede6f30ab17b1418bc246bf79812c033"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=rWEOrg==, md5=7ebzCrF7FBi8JGv3mBLAMw==
x-goog-generation
1534357963989464
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
28361
x-goog-meta-firebasestoragedownloadtokens
6c098d3c-c3f0-49f1-a284-248db726315d
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
58 KB
58 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png?alt=media&token=6f6451bb-08c7-42fe-8bfd-d396a77e8a92
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
3b008c2a94a6ee7026de0479a26fe3ea5037c015b6a08a8836c37856608e22fc
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
GitBook
x-guploader-uploadid
ADPycdt9BAkGP5ee7t5RFqGfT3m_xPLggMkabt0aUj90mWC92ZjjvwZTRoTj1BEJYMfVHVAbsftctfDM4Tv_gDnAquU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-installed.png
vary
Accept-Encoding
content-length
58931
cf-ray
6db6b99bd8b8697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"e025cbff234cce35e37bc941c878c34d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=uJfeJg==, md5=4CXL/yNMzjXje8lByHjDTQ==
x-goog-generation
1534357963999170
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
58931
x-goog-meta-firebasestoragedownloadtokens
6f6451bb-08c7-42fe-8bfd-d396a77e8a92
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
26 KB
27 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png?alt=media&token=977a73c0-9160-4753-88d1-6e22cd426b89
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
4e1455cf00349ef0a37105335e7e3e7aa130e07d14896ee47e652657cc3c858a
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
GitBook
x-guploader-uploadid
ADPycdvAgxMRJRJC4ISy-mvCG0kkKQpEomKr0S1Enfjvev3C4ZPt0KlobbxlhcGVBog5eOz1_dSdZigxsLlum3Cq7Gg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-add-with-ps.png
vary
Accept-Encoding
content-length
26973
cf-ray
6db6b99bd8bf697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:44 GMT
server
cloudflare
etag
"af4444ea0439b95e57ccb098de0028c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=bhFHfA==, md5=r0RE6gQ5uV5XzLCY3gAoyQ==
x-goog-generation
1534357964007543
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
26973
x-goog-meta-firebasestoragedownloadtokens
977a73c0-9160-4753-88d1-6e22cd426b89
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
16 KB
17 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png?alt=media&token=f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
ed47c278bf3d7b130073a011f6cad4619cbd0f81e390b78b36f53c9bf9a54cbd
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
GitBook
x-guploader-uploadid
ADPycduVAEs8ljPEssusvJyzVsoOO9rJFUf-VRN_TWexMYLAuXZJM0SQK1pu_9QDNsZFS0qWW61dHJLpFJZn0lKdUmo
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-ps-logging.png
vary
Accept-Encoding
content-length
16682
cf-ray
6db6b99bd8c1697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"b2e73e268d905569f4a697fe6ed5ad75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=W79svA==, md5=suc+Jo2QVWn0ppf+btWtdQ==
x-goog-generation
1534357963948157
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
16682
x-goog-meta-firebasestoragedownloadtokens
f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
51 KB
51 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png?alt=media&token=adeef754-0099-4b94-bb12-d96ec058d34f
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
2791874f2ac5a208d84ffb261c0adcf62b4790606433638c5489f1e95335d1d2
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
GitBook
x-guploader-uploadid
ADPycdt8hW11PELF7hhptCd9Ra2vX8IDhkRBNMO76kH9MrtfJ8PbeehLmBCJhQTLWVNOypWxlLYF5E2BcIVq7bOFeME
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-logs.png
vary
Accept-Encoding
content-length
52258
cf-ray
6db6b99bd8c8697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"e0d5a37e5fb59d35ef29fb45a624868e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=AxqoLA==, md5=4NWjfl+1nTXvKftFpiSGjg==
x-goog-generation
1534357963817758
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
52258
x-goog-meta-firebasestoragedownloadtokens
adeef754-0099-4b94-bb12-d96ec058d34f
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
39 KB
40 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png?alt=media&token=31ca5d98-42de-4bef-9a9b-03c8c55d7d06
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
af22694103076abf2a8dc1e4e5cfb9461a36c469b558a9feb08ce70c1b12c71b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
GitBook
x-guploader-uploadid
ADPycds5y5odT1UY96Wd83fVwzgwX_IdWCYIJH0OP_tVUM1Fy5uvd2lqhNeBVVOyIJ3VxJyOY_tlXPLEsSp-Lx8EK2s
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-registry.png
vary
Accept-Encoding
content-length
40274
cf-ray
6db6b99bd8c5697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 19:31:02 GMT
server
cloudflare
etag
"fe275e02f6d0fb5b10a9d4c6beb3d9ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=bPzO1Q==, md5=/ideAvbQ+1sQqdTGvrPZrQ==
x-goog-generation
1534361462659850
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
40274
x-goog-meta-firebasestoragedownloadtokens
31ca5d98-42de-4bef-9a9b-03c8c55d7d06
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
email-decode.min.js
www.ired.team/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
826 B
Script
General
Full URL
https://www.ired.team/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Feb 2022 10:49:21 GMT
server
cloudflare
etag
W/"62024ab1-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6db6b99b88d891d8-FRA
vary
Accept-Encoding
expires
Sat, 12 Feb 2022 16:30:57 GMT
chunk-VSTNIRYX.min.js
app.gitbook.com/public/app/chunks/
531 KB
152 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-VSTNIRYX.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276f0b9b25d8cac0b4bb53548a917c55dabe105b1de8e574f0b846e92f42a82f

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdvvc-_yU1HbJqNB3sTpxt5F98xFC4d6cVzO1j02zNXCnAbY5_20mO8coKkmsumo8fxXXcPeQOqXQRBxW0GCY4M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"4a125ed9a26bbd7ce9ff0da49f9c5673"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=1yhGbg==, md5=ShJe2aJrvXzp/w2kn5xWcw==
x-goog-generation
1644229560697264
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
543592
cf-ray
6db6b99e1ccf910c-FRA
expires
Tue, 07 Feb 2023 10:28:34 GMT
chunk-RYL2DIDX.min.js
app.gitbook.com/public/app/chunks/
52 KB
16 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-RYL2DIDX.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1017987f489138c96d751c0502e70cafe33105efc5abd63abc22c396e478c261

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdsdcCSIMc56-moFrJoTY5cQyY5te1jvNM4CpR8RRr50sqlqOVkEzXhgoS7DHuFuf4BFy0hle4z2hUkkVkZFoE90nLOukQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"163489595e9f2b69ea00ee38bb8239bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=C2WXfA==, md5=FjSJWV6fK2nqAO44u4I5vQ==
x-goog-generation
1644229560529519
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
53014
cf-ray
6db6b99e1cd8910c-FRA
expires
Tue, 07 Feb 2023 10:28:35 GMT
chunk-6STEEV7T.min.js
app.gitbook.com/public/app/chunks/
358 B
598 B
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-6STEEV7T.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5453e597cfe3555606ad034aa96beac23e002cd8809eb20af1f7b8ee801f5a53

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1411407
x-guploader-uploadid
ADPycdtJ3nGwgFgoGA4ViBOuDXO2SCtU3gLQLq8Ok5aaYHLGCZHwjwrrh_Ds-9-Ag76TL528qcrLGIAP7t95M_U890k
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 21 Oct 2021 18:00:26 GMT
server
cloudflare
etag
W/"1a65b87b6262dc49dbf8d3cc972e3be2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=a/BE9w==, md5=GmW4e2Ji3Enb+NPMly474g==
x-goog-generation
1634839226752594
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
358
cf-ray
6db6b99e1d3a910c-FRA
expires
Wed, 25 Jan 2023 07:30:55 GMT
chunk-RPVLCYJN.min.js
app.gitbook.com/public/app/chunks/
12 KB
5 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-RPVLCYJN.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48fe0ea8571a715c45a588e0fb3a3f2dc2c1846e8146e62e9b06951094d93aa

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdvW7mVIkUZB99Mi20r86CrNF0tfY-jPYnuNuOYZOW_81F8KZXBQxSlQth-wYLVDqAniruLs0Cdcz-hmxGFm9Js
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"856d95822c342b55bb7a28b6303c00ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ocfnHQ==, md5=hW2Vgiw0K1W7eii2MDwAzg==
x-goog-generation
1644229560541312
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
12272
cf-ray
6db6b99e1d3c910c-FRA
expires
Tue, 07 Feb 2023 10:30:15 GMT
chunk-TL2IH5J4.min.js
app.gitbook.com/public/app/chunks/
799 KB
238 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-TL2IH5J4.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc23ccb75a44da0eb93c930059714f5b91392b5034cc6432161d6213e752a2d

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdsoUQpwiLyF3kjUsfkb77uf0iVJiEfi0EVVYQOiwOnIDhCsn42Xuff8GlFJUZeTafPE1wjzP9Apq4VcEREygw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"bc1a7c819def0f5bebc7a875be4841e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=1Ror0Q==, md5=vBp8gZ3vD1vrx6h1vkhB4Q==
x-goog-generation
1644229560793444
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
818422
cf-ray
6db6b99e1d40910c-FRA
expires
Tue, 07 Feb 2023 10:30:15 GMT
chunk-HOTBQHAK.min.js
app.gitbook.com/public/app/chunks/
15 KB
7 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-HOTBQHAK.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c2bc33902c63e87d08ab045dff1234454a7d8277cc13d56d87f27718d42854

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdugBGkFDU5eCEYw48CqQv6KFRFOkTmC7jg6_SaUQ06cS3L1hq1udjj18Hn4gI42JaOZ3UKGdr6476cWsXdWKwo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"d140686cca58613762e12a27ab64963f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=4vLj8g==, md5=0UBobMpYYTdi4Sonq2SWPw==
x-goog-generation
1644229560542555
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
15725
cf-ray
6db6b99e1d42910c-FRA
expires
Tue, 07 Feb 2023 10:28:34 GMT
chunk-JAODLJKB.min.js
app.gitbook.com/public/app/chunks/
657 KB
93 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-JAODLJKB.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21b364e56bf4871ea77c2849df53da83b3e9415c39b82abc08cf0d1f29505f6

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycdvSKtkgSJQZygwegYdKHuAhlqV5XnvQS9zcAQMlCmyA0l2Sr7vQDo9KKrBnHquB4X1wEGzM5ml42Uga2Lis2iE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:01 GMT
server
cloudflare
etag
W/"889d8f1f9547cf91ab763cec76459ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=VPxYyA==, md5=iJ2PH5VHz5GrdjzsdkWevA==
x-goog-generation
1644229561898226
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
673011
cf-ray
6db6b99e1d5a910c-FRA
expires
Tue, 07 Feb 2023 10:28:34 GMT
chunk-7C6S7RYL.min.js
app.gitbook.com/public/app/chunks/
1 MB
352 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efac057a2414abd40c735212becfad75ca89adb7c858af5f9d8d432b3f72418

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
280585
x-guploader-uploadid
ADPycds0ZFIrbNbdlDiDn80nUkd8NudnsQqCtRNwl0nHgAmLbIviKW30-0JOLDl-WXMYiDI-ZAfR09HPLFkIPGDoqP4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 07 Feb 2022 10:26:00 GMT
server
cloudflare
etag
W/"1b092de2e4778aea379d91d4b5cc4d61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=C7+8xg==, md5=Gwkt4uR3iuo3nZHUtcxNYQ==
x-goog-generation
1644229560840351
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
1188032
cf-ray
6db6b99e1d5c910c-FRA
expires
Tue, 07 Feb 2023 10:28:34 GMT
chunk-UUBB3DLQ.min.js
app.gitbook.com/public/app/chunks/
9 KB
2 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-UUBB3DLQ.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffaaddf29587e770fcfeee80d9d6c482d7240f90f22b2051cf3481dfd23e919

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1303527
x-guploader-uploadid
ADPycdvaXhawFevZ2lf-3v_9Snh7ZvfnXoQNCWMWnDgnG3yaC11ZKipzSHBAcQIlwEkrfWiGTFMHiBTm6i0WKDfm8GQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 26 Jan 2022 13:43:59 GMT
server
cloudflare
etag
W/"ea2501823fe7e81614d75ac4507cdb3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xWMDSg==, md5=6iUBgj/n6BYU11rEUHzbPQ==
x-goog-generation
1643204639080180
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
9525
cf-ray
6db6b99e1d5d910c-FRA
expires
Thu, 26 Jan 2023 13:50:35 GMT
chunk-N4G6RYWU.min.js
app.gitbook.com/public/app/chunks/
118 KB
37 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-N4G6RYWU.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99bbf71a6f969220cdd9f2ca640de3c06a549aea7b7279b3cea43b15876cc99

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
586665
x-guploader-uploadid
ADPycdt1h1aU5ECkuE_4wpBg2Kf-O8ChzZjpR79CQSEGB_j48Hbh5SwOmsm-maCkSPoBwhB_0TIy7qYKj2KeKydU0pk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 26 Jan 2022 13:43:59 GMT
server
cloudflare
etag
W/"2cacd041a8ae68b8b1b5c0b39add6c68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=fiEIXQ==, md5=LKzQQaiuaLixtcCzmt1saA==
x-goog-generation
1643204639240559
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
121128
cf-ray
6db6b99e1d5f910c-FRA
expires
Fri, 03 Feb 2023 20:47:22 GMT
chunk-QJZ4EDPX.min.js
app.gitbook.com/public/app/chunks/
40 KB
14 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-QJZ4EDPX.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6bd80893f51a415ef673bafc06675d7345d2d8589687a8cf240b71a29cf93c

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
891692
x-guploader-uploadid
ADPycdvUXkwyPitFk3rv_JwjJRnOL20_U7CnO_JUYDrGmxV-0NmzIonBrBGa_a4hUhdN2sutbFrNJPtRsLMI-DfaZm4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 21 Oct 2021 18:00:26 GMT
server
cloudflare
etag
W/"a4357654cd6f397a6e26f46a2c771acf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=bbiMCg==, md5=pDV2VM1vOXpuJvRqLHcazw==
x-goog-generation
1634839226902472
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
41360
cf-ray
6db6b99e1d63910c-FRA
expires
Tue, 31 Jan 2023 08:21:28 GMT
chunk-AKUZPGZL.min.js
app.gitbook.com/public/app/chunks/
5 KB
2 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-AKUZPGZL.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22bd02e6d93053cbd8610c8dbe1c803d3e8a9210ba0e314192f4f854ee9f6755

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
59535
x-guploader-uploadid
ADPycdvhLWKmi24TwrX58-EM5Jg6EZm77tBPIzidhfLtb86aI-U7dX_IP8bIWWZOE71DoGzNeG6IlVVHex9yanLextU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 31 Jan 2022 08:33:28 GMT
server
cloudflare
etag
W/"790d0c7d33d335b32f7fa3b5743b9a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=urdoIw==, md5=eQ0MfTPTNbMvf6O1dDuahQ==
x-goog-generation
1643618008335807
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
5259
cf-ray
6db6b99e4d70910c-FRA
expires
Thu, 09 Feb 2023 23:48:58 GMT
chunk-CO3SYI4B.min.js
app.gitbook.com/public/app/chunks/
4 KB
2 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-CO3SYI4B.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d43efc9141d3cc0cf15cd8c41b91054a98f480cf549c486177d21604c49d466

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1411404
x-guploader-uploadid
ADPycdvWVX3Rt_ImTeVGR95Y2zF_ugNiv2HG6bcBYtTnFnME5sGwhIR95GCgmv2CELpOYm7mopCwav8p35EGbHc2dSY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Fri, 26 Nov 2021 09:44:23 GMT
server
cloudflare
etag
W/"278619d11861c68c718cadc027c35d77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=QPRzZg==, md5=J4YZ0RhhxoxxjK3AJ8Nddw==
x-goog-generation
1637919863223979
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
3786
cf-ray
6db6b99e4d81910c-FRA
expires
Wed, 25 Jan 2023 07:54:03 GMT
chunk-CXNJH4CW.min.js
app.gitbook.com/public/app/chunks/
159 KB
33 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-CXNJH4CW.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3825ade211661f93f93126a98b7b0ebe2f8c0dc59bbda62d8a33883d38c9615

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1303527
x-guploader-uploadid
ADPycdvfDQmnlWjHg7YM-WyoDnrJM0vD6eFRAnQLMLUacy3zmDQ1t3oJrb9oDty-0anlXqnV2Hg7T3hHt2q06QMCBWp7YlvkTQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 26 Jan 2022 13:43:59 GMT
server
cloudflare
etag
W/"4f32c93652766659d417a0cc30128b02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=j8QyCQ==, md5=TzLJNlJ2ZlnUF6DMMBKLAg==
x-goog-generation
1643204639230846
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
162961
cf-ray
6db6b99e4d83910c-FRA
expires
Thu, 26 Jan 2023 13:50:35 GMT
chunk-TW2BC3YE.min.js
app.gitbook.com/public/app/chunks/
437 KB
132 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f611fc6433e83da882d2bf6de652b0f6b0f299ba912625d4dac4c0d219763e62

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1303527
x-guploader-uploadid
ADPycdsbk5BFzNOyJJEHnVVC9RnuTjQQU-6BqeDJVxdS0bbzae0IzYGoQGtfr5t8t6abyV8Z0H6ORwVuY5IQ4lqYZQQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 26 Jan 2022 13:43:59 GMT
server
cloudflare
etag
W/"de4bc46a0d5c275505fac3fe8a33f8b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=uAlqiQ==, md5=3kvEag1cJ1UF+sP+ijP4uQ==
x-goog-generation
1643204639479375
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
447465
cf-ray
6db6b99e4d85910c-FRA
expires
Thu, 26 Jan 2023 13:47:48 GMT
chunk-JMPUATID.min.js
app.gitbook.com/public/app/chunks/
73 KB
23 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-JMPUATID.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54993a7fa246426ef776a0f85ee1438ac09ec6af64b779a3c2ab2a41721bc17b

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
891692
x-guploader-uploadid
ADPycduLZ60eECXenXTi6qbkttH5MxvT_zLmVSp4DuOn8vKL6kplt1sxLp4RkCRnEKgTJuU84KtL9zPENTn_H6KDCtY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 31 Jan 2022 08:33:28 GMT
server
cloudflare
etag
W/"0cd0f90a236ae855ef52e11b894e94c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=kHitog==, md5=DND5CiNq6FXvUuEbiU6UxQ==
x-goog-generation
1643618008476940
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
74650
cf-ray
6db6b99e4d87910c-FRA
expires
Tue, 31 Jan 2023 08:38:03 GMT
chunk-UVM3YZMK.min.js
app.gitbook.com/public/app/chunks/
765 B
987 B
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-UVM3YZMK.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9710122074551b432906e79ac42e3623430b8455d597181642ea326df42f85ec

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1153362
x-guploader-uploadid
ADPycdtN_32A5SMHiHZSDEmaVlQIwxEU8JtEyPrYDGdmg4WHu5av3AR8rO8FwoRzJQuqry3SJHhp-wP_q0lptc_4-IQs8P22SA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Sun, 14 Nov 2021 15:22:06 GMT
server
cloudflare
etag
W/"f7a7204a9d3aba6888a8d7a44294a464"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=M4PGtg==, md5=96cgSp06umiIqNekQpSkZA==
x-goog-generation
1636903326289904
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
765
cf-ray
6db6b99e4d88910c-FRA
expires
Sat, 28 Jan 2023 08:06:34 GMT
chunk-IIWRKTJR.min.js
app.gitbook.com/public/app/chunks/
236 KB
93 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-IIWRKTJR.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4fce1d85013fd3ba055b70a74b90323c16b75a863ae4305d19afa21881f83b

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
891690
x-guploader-uploadid
ADPycdtFwSeaTd-VjcdO1Ztn3Lwioxp8NwWZuXSC3V955cAf6XuZeSVyYkThHXVhgyv5ipIa6ILBmN1BZrAHLn_GHo4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 31 Jan 2022 08:33:28 GMT
server
cloudflare
etag
W/"534f603e1eb50adf902e3ddd18bd6d6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=f22Wlw==, md5=U09gPh61Ct+QLj3dGL1tbg==
x-goog-generation
1643618008523072
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
241234
cf-ray
6db6b99e4d8b910c-FRA
expires
Tue, 31 Jan 2023 08:38:03 GMT
chunk-AUVWPKSR.min.js
app.gitbook.com/public/app/chunks/
1 KB
1 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-AUVWPKSR.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1304e827c9f8fc12aafc451c7e88b9c4395bc2ca27072414bb4da27e76f3265

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1411404
x-guploader-uploadid
ADPycdvyXJP6yvyT6vku0TIsqHj7Iq8Fb9u0Wjf4h_RsAHgvh7RnK3Ifdq87OopI5LicQlRNvkwNnWfmcWpKW_vlKc4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Sun, 14 Nov 2021 15:22:06 GMT
server
cloudflare
etag
W/"3f0ff88597c11c05bc6030617a353e4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=10oLmw==, md5=Pw/4hZfBHAW8YDBhejU+Sw==
x-goog-generation
1636903326107816
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
1201
cf-ray
6db6b99e4d8e910c-FRA
expires
Wed, 25 Jan 2023 07:59:28 GMT
chunk-IXS77MGZ.min.js
app.gitbook.com/public/app/chunks/
316 KB
84 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-IXS77MGZ.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3d5912dce2f1c3f73684faf7cc4fa17f49f557393668f779206ea854f73577

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
891690
x-guploader-uploadid
ADPycdvx1JQILYnbWlmxSVd0fq94UneOZiFTHGHwC8gwI25tIgeFMK1r6KPLhBVGJ8ksMdu6SH1BCIO4rPGVryZstiA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 31 Jan 2022 08:33:28 GMT
server
cloudflare
etag
W/"f2bb27072b8cede991fb8ce5781d64c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ScAiSg==, md5=8rsnByuM7emR+4zleB1kxg==
x-goog-generation
1643618008516406
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
323312
cf-ray
6db6b99e4d90910c-FRA
expires
Tue, 31 Jan 2023 08:36:35 GMT
chunk-2RI5L7IX.min.js
app.gitbook.com/public/app/chunks/
1 KB
1012 B
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-2RI5L7IX.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42344c146d9f54a8c38e8448ccae462e87abad1ece4717d91038b84bac3c0ec9

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
563673
x-guploader-uploadid
ADPycduIhO5vymnZ2YAbCuRpAI_2ly4gtPigEPGcOO6O8NSQ0wxeNSh6EVPorh0R8nb5Gojg-Wm6i-nABJR9RHvcE7iAgWncvA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Sun, 14 Nov 2021 15:22:06 GMT
server
cloudflare
etag
W/"2d1f21fea9351904ebbf9c5d03382abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=V3LWYg==, md5=LR8h/qk1GQTrv5xdAzgqvg==
x-goog-generation
1636903326129470
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
1375
cf-ray
6db6b99e4d93910c-FRA
expires
Sat, 04 Feb 2023 03:11:45 GMT
chunk-Y2HOABYU.min.js
app.gitbook.com/public/app/chunks/
7 KB
4 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-Y2HOABYU.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afda05801f08767b436bfd8cb71650d501f70951d5e2a82176b12b04818c197a

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
167
x-guploader-uploadid
ADPycduVd_5BC1SbhwY52GLl9qkQEdSPR3JbE4Ie5CYnYnV8NfsoEUfszWB2-QRxSE7aD8G0NUjWKLuH3xAIcEHWiZcHbIRKQg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 29 Nov 2021 15:56:42 GMT
server
cloudflare
etag
W/"3651cae1a86637b2d6ca1fb03a7c2368"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=oDAQjg==, md5=NlHK4ahmN7LWyh+wOnwjaA==
x-goog-generation
1638201402692169
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
7299
cf-ray
6db6b99e4d95910c-FRA
expires
Fri, 10 Feb 2023 16:14:46 GMT
chunk-COSHZCUI.min.js
app.gitbook.com/public/app/chunks/
2 KB
1 KB
Script
General
Full URL
https://app.gitbook.com/public/app/chunks/chunk-COSHZCUI.min.js
Requested by
Host: www.ired.team
URL: https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735d139d23495c0ff4002da79c99da3dbc2eaf0e53328330d5fe7cc63b66a6e9

Request headers

Referer
https://app.gitbook.com/public/app/public-SU7MN35B.min.js?v=10.9.1-db277ac07224873d743603927ede35677a5e4498-1805839979
Origin
https://www.ired.team
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1411404
x-guploader-uploadid
ADPycdse79CrsvRimydJYYJuJ98TWoBrAAGnRZY61pDHfUMzrT2VkMX80qiMZwN34FMDeSOlTUAMzUipRRBVl20NJ7w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 21 Oct 2021 18:00:26 GMT
server
cloudflare
etag
W/"0f55f046c6298ec370f4ae43631222fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KYmf0Q==, md5=D1XwRsYpjsNw9K5DYxIi/g==
x-goog-generation
1634839226765939
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, must-revalidate
x-goog-stored-content-length
1732
cf-ray
6db6b99e4d97910c-FRA
expires
Wed, 25 Jan 2023 08:25:40 GMT
__session
app.gitbook.com/
52 B
4 KB
Fetch
General
Full URL
https://app.gitbook.com/__session?proposed=a1f51a1d-d5a3-452b-b9a2-741f007c3990R
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
f5702216676ed7fb81eabc1b509dca71957122890c002644924ee99f2216b8cb
Security Headers
Name Value
Content-Security-Policy default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com clearbit-risk.gitbook.com *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net 
https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com clearbit-risk.gitbook.com https://js.stripe.com https://checkout.stripe.com https://www.recaptcha.net https://recaptcha.net https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.google.com/recaptcha/ https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com www.gstatic.com/recaptcha https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob: www.recaptcha.net; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net 
js.usemessages.com *.stripe.com *.stripe.network *.recaptcha.net recaptcha.net https://www.google.com/recaptcha/ https://recaptcha.google.com https://beacon-v2.helpscout.net; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-magic-hash
49d38cae6df166333bd733a3df427730f11adc7f9fc0a6290c4c7b88857ce338
x-powered-by
GitBook
x-cache
MISS
x-release
gitbook-x-prod-10.9.2
vary
Origin, Accept-Encoding
access-control-allow-origin
https://www.ired.team
referrer-policy
no-referrer-when-downgrade
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"34-LUM6QZMvBWDAOnZFCUHu7c2O/Uo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
via
no cache
x-cloud-trace-context
298f1462854d075a8aca3d6aa30b9952
cache-control
private
access-control-allow-credentials
true
function-execution-id
bnhu3w3nsr6b
cf-ray
6db6b9a0dc669268-FRA
expires
Thu, 10 Feb 2022 16:30:58 GMT
/
o1000929.ingest.sentry.io/api/5960429/envelope/
2 B
244 B
Fetch
General
Full URL
https://o1000929.ingest.sentry.io/api/5960429/envelope/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_version=7
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ired.team/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.ired.team
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
rest
firestore.googleapis.com/$discovery/
48 KB
8 KB
Fetch
General
Full URL
https://firestore.googleapis.com/$discovery/rest
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3283456af8cfd86d3582cc21bdc3bb2d0d8fc7a7ba3e396bb9425a289c368940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.ired.team
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
8178
x-xss-protection
0
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=UA-128974775-1
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-UUBB3DLQ.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bce5d9c63de842d6800e09767fa590d395fb4adfdb3300baefabcf0a96e0e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36131
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Feb 2022 16:30:58 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=UA-128974775-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3365
date
Thu, 10 Feb 2022 15:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 10 Feb 2022 17:34:54 GMT
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=440067002&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ired.team%2Foffensive-security%2Fpersistence%2Ft1130-install-root-certificate&ul=en-us&de=UTF-8&dt=Installing%20Root%20Certificate%20-%20Red%20Teaming%20Experiments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2144980888&gjid=138662875&cid=1707132805.1644510659&tid=UA-128974775-1&_gid=587260223.1644510659&_r=1&gtm=2ou290&z=1551178058
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ired.team
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
28 KB
28 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqMckKQO2kEqqc1UV%2Fcerts-certutil.png?alt=media&token=6c098d3c-c3f0-49f1-a284-248db726315d
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
2dfb402162bc924ade07c769a1be4113d060ee88cee93c24461f7955c91f0880
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
x-powered-by
GitBook
x-guploader-uploadid
ADPycduPaCnz96GFWb0QnL5gOaDxpbwN0MurDm4afNFOSIVY9AMguyI8WsFTPQvrTZHwcVIPs5pwMdJ8EhlklUP3gfE
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-certutil.png
vary
Accept-Encoding
content-length
28361
cf-ray
6db6b9a3dcbd697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"ede6f30ab17b1418bc246bf79812c033"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=rWEOrg==, md5=7ebzCrF7FBi8JGv3mBLAMw==
x-goog-generation
1534357963989464
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
28361
x-goog-meta-firebasestoragedownloadtokens
6c098d3c-c3f0-49f1-a284-248db726315d
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
58 KB
58 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqQ2VqLB4JYJDrAnZ%2Fcerts-installed.png?alt=media&token=6f6451bb-08c7-42fe-8bfd-d396a77e8a92
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
3b008c2a94a6ee7026de0479a26fe3ea5037c015b6a08a8836c37856608e22fc
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
x-powered-by
GitBook
x-guploader-uploadid
ADPycdt9BAkGP5ee7t5RFqGfT3m_xPLggMkabt0aUj90mWC92ZjjvwZTRoTj1BEJYMfVHVAbsftctfDM4Tv_gDnAquU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-installed.png
vary
Accept-Encoding
content-length
58931
cf-ray
6db6b9a3ecd3697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"e025cbff234cce35e37bc941c878c34d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=uJfeJg==, md5=4CXL/yNMzjXje8lByHjDTQ==
x-goog-generation
1534357963999170
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
58931
x-goog-meta-firebasestoragedownloadtokens
6f6451bb-08c7-42fe-8bfd-d396a77e8a92
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
26 KB
27 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqbycoKnz6uhQe5WO%2Fcerts-add-with-ps.png?alt=media&token=977a73c0-9160-4753-88d1-6e22cd426b89
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
4e1455cf00349ef0a37105335e7e3e7aa130e07d14896ee47e652657cc3c858a
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
x-powered-by
GitBook
x-guploader-uploadid
ADPycdvAgxMRJRJC4ISy-mvCG0kkKQpEomKr0S1Enfjvev3C4ZPt0KlobbxlhcGVBog5eOz1_dSdZigxsLlum3Cq7Gg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-add-with-ps.png
vary
Accept-Encoding
content-length
26973
cf-ray
6db6b9a3fd01697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:44 GMT
server
cloudflare
etag
"af4444ea0439b95e57ccb098de0028c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=bhFHfA==, md5=r0RE6gQ5uV5XzLCY3gAoyQ==
x-goog-generation
1534357964007543
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
26973
x-goog-meta-firebasestoragedownloadtokens
977a73c0-9160-4753-88d1-6e22cd426b89
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
16 KB
17 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyqg-QzrDfu7RLZY3p%2Fcerts-ps-logging.png?alt=media&token=f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
ed47c278bf3d7b130073a011f6cad4619cbd0f81e390b78b36f53c9bf9a54cbd
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
x-powered-by
GitBook
x-guploader-uploadid
ADPycduVAEs8ljPEssusvJyzVsoOO9rJFUf-VRN_TWexMYLAuXZJM0SQK1pu_9QDNsZFS0qWW61dHJLpFJZn0lKdUmo
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-ps-logging.png
vary
Accept-Encoding
content-length
16682
cf-ray
6db6b9a3fd1c697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"b2e73e268d905569f4a697fe6ed5ad75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=W79svA==, md5=suc+Jo2QVWn0ppf+btWtdQ==
x-goog-generation
1534357963948157
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
16682
x-goog-meta-firebasestoragedownloadtokens
f97b0c60-a6f4-4c5a-b6f8-0bbd4d167908
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
51 KB
51 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJynKsn7J7D5s7mLbwz%2F-LJyr4S1zYBs87IneLGr%2Fcerts-logs.png?alt=media&token=adeef754-0099-4b94-bb12-d96ec058d34f
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
2791874f2ac5a208d84ffb261c0adcf62b4790606433638c5489f1e95335d1d2
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
x-powered-by
GitBook
x-guploader-uploadid
ADPycdt8hW11PELF7hhptCd9Ra2vX8IDhkRBNMO76kH9MrtfJ8PbeehLmBCJhQTLWVNOypWxlLYF5E2BcIVq7bOFeME
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-logs.png
vary
Accept-Encoding
content-length
52258
cf-ray
6db6b9a3fd23697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 18:32:43 GMT
server
cloudflare
etag
"e0d5a37e5fb59d35ef29fb45a624868e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=AxqoLA==, md5=4NWjfl+1nTXvKftFpiSGjg==
x-goog-generation
1534357963817758
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
52258
x-goog-meta-firebasestoragedownloadtokens
adeef754-0099-4b94-bb12-d96ec058d34f
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png
2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/
39 KB
40 KB
Image
General
Full URL
https://2603957456-files.gitbook.io/~/files/v0/b/gitbook-28427.appspot.com/o/assets%2F-LFEMnER3fywgFHoroYn%2F-LJz3ScYEAr42Csq9UcK%2F-LJz3Pa7Z4DINdAebLKM%2Fcerts-registry.png?alt=media&token=31ca5d98-42de-4bef-9a9b-03c8c55d7d06
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / GitBook
Resource Hash
af22694103076abf2a8dc1e4e5cfb9461a36c469b558a9feb08ce70c1b12c71b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
x-powered-by
GitBook
x-guploader-uploadid
ADPycds5y5odT1UY96Wd83fVwzgwX_IdWCYIJH0OP_tVUM1Fy5uvd2lqhNeBVVOyIJ3VxJyOY_tlXPLEsSp-Lx8EK2s
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''certs-registry.png
vary
Accept-Encoding
content-length
40274
cf-ray
6db6b9a40d30697b-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Aug 2018 19:31:02 GMT
server
cloudflare
etag
"fe275e02f6d0fb5b10a9d4c6beb3d9ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-goog-hash
crc32c=bPzO1Q==, md5=/ideAvbQ+1sQqdTGvrPZrQ==
x-goog-generation
1534361462659850
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
40274
x-goog-meta-firebasestoragedownloadtokens
31ca5d98-42de-4bef-9a9b-03c8c55d7d06
content-security-policy
script-src 'none'; object-src 'none'; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
accept-ranges
bytes
content-type
image/png
expires
Fri, 10 Feb 2023 16:30:58 GMT
https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/
1 KB
1 KB
Image
General
Full URL
https://www.gitbook.com/cdn-cgi/image/width=40,height=40,fit=contain,dpr=1,format=auto/https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d624a9b45f2860bc9d67e56699a384e87ce9b441c8a30401787b702e734e2dc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept, Accept-Encoding
content-length
1073
last-modified
Sat, 08 Sep 2018 20:00:14 GMT
server
cloudflare
etag
"cfxEAstVGsILZwEUMa_yTuFg:2965c5f978755802debc0291c5574853"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=30 c=53 v=2022.1.0 l=1073
accept-ranges
bytes
cf-ray
6db6b9a42cee9268-FRA
cf-bgj
imgq:85,h2pri
https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/
821 B
883 B
Image
General
Full URL
https://www.gitbook.com/cdn-cgi/image/width=24,height=24,fit=contain,dpr=1,format=auto/https%3A%2F%2F2603957456-files.gitbook.io%2F~%2Ffiles%2Fv0%2Fb%2Fgitbook-28427.appspot.com%2Fo%2Fspaces%252F-LFEMnER3fywgFHoroYn%252Favatar.png%3Fgeneration%3D1536436814766237%26alt%3Dmedia
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-TW2BC3YE.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2df816b4951890f17715d2625d77f04ee0921f40f0b2432ad764c96149d968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
vary
Accept, Accept-Encoding
content-length
821
last-modified
Sat, 08 Sep 2018 20:00:14 GMT
server
cloudflare
etag
"cfORVgR5FT-ORC-PW8Ddvsrg:2965c5f978755802debc0291c5574853"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-resized
internal=ok/h q=0 n=67 c=27 v=2022.1.0 l=821
accept-ranges
bytes
cf-ray
6db6b9a42cf19268-FRA
cf-bgj
imgq:85,h2pri
/
app.gitbook.com/__amp/
7 B
157 B
XHR
General
Full URL
https://app.gitbook.com/__amp/
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:96f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 10 Feb 2022 16:31:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=15768000
cf-ray
6db6b9a4588b910c-FRA
content-length
7
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
favicon.ico
attack.mitre.org/theme/
6 KB
7 KB
Image
General
Full URL
https://attack.mitre.org/theme/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
954182ac30724d6ba9b75332a189a4f8b851286320a11485190ecf10f092dc23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id
ced87381c666a599c7b430a98c3d3df8071a64ea
date
Thu, 10 Feb 2022 16:31:00 GMT
via
1.1 varnish
age
0
x-cache
HIT
content-length
6518
x-served-by
cache-icn1450049-ICN
last-modified
Fri, 07 Jan 2022 20:58:16 GMT
server
GitHub.com
x-github-request-id
33B4:023C:1C9BBF1:1F120AA:6202BBF2
x-timer
S1644510660.974969,VS0,VE181
etag
"61d8a968-1976"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
expires
Tue, 08 Feb 2022 19:02:34 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
1
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
95 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&VER=8&RID=68241&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F9.3.0%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A958285583043%3Aweb%3A9c80475faa8bc9f9cb0876%0D%0A&zx=h8jgvqgff3q9&t=1
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c4dc980990b11ef278067b4f211be406c878e8d202d1002d7d677c003534d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Feb 2022 16:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ired.team
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
d3ozB7hYaNpD3l-pvikOGNjdEcyuk1a51Yl3sf4SUJM
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
6 MB
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fgitbook-x-prod%2Fdatabases%2F(default)&gsessionid=d3ozB7hYaNpD3l-pvikOGNjdEcyuk1a51Yl3sf4SUJM&VER=8&RID=rpc&SID=-bqBU6GQCL9xPOHERmtqew&CI=0&AID=0&TYPE=xmlhttp&zx=jahbnetkxr8k&t=1
Requested by
Host: app.gitbook.com
URL: https://app.gitbook.com/public/app/chunks/chunk-7C6S7RYL.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ired.team/offensive-security/persistence/t1130-install-root-certificate
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 16:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.ired.team
vary
origin
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| iframely string| __GITBOOK_INITIAL_PROPS__ string| __GITBOOK_INITIAL_STATE__ boolean| __GITBOOK_INITIAL_RENDER__ boolean| __GITBOOK_INITIAL_STATE_COMPRESSED__ object| __GITBOOK_LAZY_MODULES__ object| __SENTRY__ function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __AMPLITUDE__ object| analytics object| __algolia function| hotkeys object| Prism boolean| __reactResponderSystemActive object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData boolean| __isReactDndBackendSetUp

5 Cookies

Domain/Path Name / Value
.gitbook.com/ Name: __session
Value: a1f51a1d-d5a3-452b-b9a2-741f007c3990R
.ired.team/ Name: _ga
Value: GA1.2.1707132805.1644510659
.ired.team/ Name: _gid
Value: GA1.2.587260223.1644510659
.ired.team/ Name: _gat_gtag_UA_128974775_1
Value: 1
.ired.team/ Name: amp_fef1e8
Value: a1f51a1d-d5a3-452b-b9a2-741f007c3990R...1fri7igav.1fri7igl6.1.0.1

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors https:; default-src 'self' app.gitbook.com api.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' app.gitbook.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.polyfill.io https://cdn.amplitude.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com 
translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com *; form-action api-iam.intercom.io intercom.help; media-src *.intercomcdn.com; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.2;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
