labs.withsecure.com Open in urlscan Pro
2a02:26f0:480:23::1726:6297 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Submission: On June 13 via api (June 13th 2024, 2:17:28 am UTC) from TR — Scanned from DE

Summary HTTP 80 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 80 HTTP transactions. The main IP is 2a02:26f0:480:23::1726:6297, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is labs.withsecure.com.
TLS certificate: Issued by R3 on April 16th 2024. Valid for: 3 months.

This is the only time labs.withsecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	2a02:26f0:480... 2a02:26f0:480:23::1726:6297	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100::210:132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
80	9

57 2a02:26f0:480:23::1726:6297 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

labs.withsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

sst.withsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:132 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.withsecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	withsecure.com labs.withsecure.com sst.withsecure.com www.withsecure.com	835 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	155 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136	64 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1017	4 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 638	295 B
0	cloudfunctions.net Failed europe-central2-theta-byte-348711.cloudfunctions.net Failed
80	7

	Domain	Requested by
57	labs.withsecure.com	labs.withsecure.com
11	cdn.cookielaw.org	labs.withsecure.com cdn.cookielaw.org
5	sst.withsecure.com	labs.withsecure.com sst.withsecure.com
2	www.youtube.com	sst.withsecure.com www.youtube.com
1	pagead2.googlesyndication.com	sst.withsecure.com
1	unpkg.com	labs.withsecure.com
1	www.withsecure.com	labs.withsecure.com
1	geolocation.onetrust.com	cdn.cookielaw.org
0	europe-central2-theta-byte-348711.cloudfunctions.net Failed	labs.withsecure.com
80	9

This site contains links to these domains. Also see Links.

Domain
uk.linkedin.com
twitter.com
www.linkedin.com
www.facebook.com
www.withsecure.com
github.com
www.onetrust.com

Subject Issuer	Validity	Valid
labs.withsecure.com R3	`2024-04-16` - `2024-07-15`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
sst.withsecure.com R10	`2024-06-09` - `2024-09-07`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
withsecure.com DigiCert SHA2 Extended Validation Server CA	`2024-05-10` - `2025-05-10`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
unpkg.com GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Frame ID: 10EAB7EDD6D0BC80343377B50C8D8095
Requests: 80 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mass exploitation: The vulnerable edge of enterprise security | WithSecure™ Labs

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

80
Requests

99 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

1009 kB
Transfer

3046 kB
Size

6
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://uk.linkedin.com/in/stephen-robinson-751498241
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Mass%20exploitation%3A%20The%20vulnerable%20edge%20of%20enterprise%20security%20%7C%20WithSecure%E2%84%A2%20Labs&url=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&title=Mass%20exploitation%3A%20The%20vulnerable%20edge%20of%20enterprise%20security%20%7C%20WithSecure%E2%84%A2%20Labs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&p[title]=Mass%20exploitation%3A%20The%20vulnerable%20edge%20of%20enterprise%20security%20%7C%20WithSecure%E2%84%A2%20Labs

Search URL Search Domain Scan URL

URL: https://www.withsecure.com/en/expertise/research-and-innovation/research/the-professionalization-of-cyber-crime
Title: reporting

Search URL Search Domain Scan URL

URL: https://github.com/withsecurelabs
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.withsecure.com/en/about-us/company-contacts/contact-us
Title: Contact WithSecure™

Search URL Search Domain Scan URL

URL: https://www.withsecure.com/en/whats-new/email-preferences
Title: WithSecure™ Newsletter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/withsecure/

Search URL Search Domain Scan URL

URL: https://twitter.com/withsecure

Search URL Search Domain Scan URL

URL: https://www.withsecure.com/en/about-us/legal/privacy#cookies
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.withsecure.com/en/about-us/legal/privacy#websites
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mass-exploitation-the-vulnerable-edge-of-enterprise-security Show response
labs.withsecure.com/publications/ 48 KB
13 KB 247ms
49ms Document
text/html 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f703e7b1921faa2ff06f7eb15b0ac76cbe777f2eb154090a813ff548aeafcb9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 12635
content-security-policy: upgrade-insecure-requests;
content-type: text/html;charset=utf-8
date: Thu, 13 Jun 2024 02:17:10 GMT
etag: "c121-61aac81d5995e-gzip"
expires: Thu, 13 Jun 2024 02:17:10 GMT
last-modified: Wed, 12 Jun 2024 07:41:15 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230054-FRA
x-timer: S1718245030.353530,VS0,VS0,VE2
x-vhost: labs.withsecure.com

GET
H2 200 TitlingGothicFBNor-Stand.otf
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/TitlingGothicFBNormal/ 29 KB
22 KB 64ms
4ms Font
font/otf 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/TitlingGothicFBNormal/TitlingGothicFBNor-Stand.otf

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7fb46498de20ea16e62e5562dc685785e61becd11d74775226d2821f40a8c8b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 21785
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Fri, 07 Jun 2024 08:42:57 GMT
x-timer: S1718177165.423335,VS0,VS0,VE1
etag: "73cc-61a48c9456640-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 TitlingGothicFBNor-Reg.woff2
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/TitlingGothicFBNormal/ 29 KB
29 KB 75ms
16ms Font
font/woff2 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/TitlingGothicFBNormal/TitlingGothicFBNor-Reg.woff2

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

801f5680be22cde1816595e3ffdae49e54960b8ceaf9a5ecdf701f3db6aaab6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 29680
x-served-by: cache-fra-eddf8230156-FRA
last-modified: Tue, 07 May 2024 17:13:01 GMT
x-timer: S1717483824.502804,VS0,VS0,VE3
etag: "73f4-617e04c54c140-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: *
accept-ranges: bytes

GET
H2 200 TitlingGothicFBNor-Med.woff2
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/TitlingGothicFBNormal/ 29 KB
29 KB 105ms
47ms Font
font/woff2 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/TitlingGothicFBNormal/TitlingGothicFBNor-Med.woff2

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85a72a74f174401f2c9b947ed841681d0b29216046cbbeccea44c48d6513b364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 29526
x-served-by: cache-fra-eddf8230119-FRA
last-modified: Tue, 07 May 2024 17:13:01 GMT
x-timer: S1718022823.751719,VS0,VS0,VE3
etag: "7348-617e04c54c140-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: *
accept-ranges: bytes

GET
H2 200 Archivo-Light.woff2
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/ 51 KB
51 KB 216ms
151ms Font
font/woff2 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/Archivo-Light.woff2

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a6b3e6672c85fefbec32617a9718acdd2a50b4cbbbfa8bdec114c950c2a5be70

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 51900
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 19 Apr 2024 08:23:51 GMT
x-timer: S1714986238.388963,VS0,VS0,VE1
etag: "caa0-6166ecebd73c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: *
accept-ranges: bytes

GET
H2 200 Archivo-Regular.woff2
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/ 51 KB
52 KB 245ms
180ms Font
font/woff2 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/Archivo-Regular.woff2

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b315af549bc79d980abe0bca0a648ecfa0106be1bf205bf9ed809e6381f24d0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 52376
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Tue, 07 May 2024 17:13:01 GMT
x-timer: S1716548457.522739,VS0,VS0,VE2
etag: "cc7c-617e04c54c140-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: *
accept-ranges: bytes

GET
H2 200 Archivo-Medium.woff2
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/ 51 KB
51 KB 269ms
205ms Font
font/woff2 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/Archivo-Medium.woff2

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15a9502c5af2e23747c2e32bd739b1c86ed4b88d6b9f5a5dd9c57cb6625eb51b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 52232
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Wed, 29 May 2024 14:53:30 GMT
x-timer: S1717224483.847430,VS0,VS0,VE1
etag: "cbec-61998e9e3ae80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: *
accept-ranges: bytes

GET
H2 200 Archivo-SemiBold.woff2
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/ 50 KB
50 KB 284ms
220ms Font
font/woff2 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign/resources/Archivo/Archivo-SemiBold.woff2

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5eb4dd14550d2c8771c20a8907fb17f0e9bcf57aa017fbc2cf571897b23a4135

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 51132
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Wed, 29 May 2024 14:53:30 GMT
x-timer: S1717768288.961366,VS0,VS0,VE2
etag: "c7a0-61998e9e3ae80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: *
accept-ranges: bytes

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 189ms
48ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 20224
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jun 2024 01:58:26 GMT
server: cloudflare
etag: 0x8DC8A83263D01F4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 64ec951a-a01e-002f-35e3-bcc053000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e9531995e9219-FRA
expires: Thu, 13 Jun 2024 20:40:06 GMT

GET
H2 200 clientlibs.lc-4aa3bf44f95ca0adbedc20a614295557-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/structure/footerWithSecure/v1/footerWithSecure/ 3 KB
1 KB 176ms
115ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/structure/footerWithSecure/v1/footerWithSecure/clientlibs.lc-4aa3bf44f95ca0adbedc20a614295557-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c36e87ed638433e26eb31eca6d1c1df3e55a489a7473d8ce2bddf873427def3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1125
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.823231,VS0,VS0,VE1
etag: W/"de7-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503033
accept-ranges: bytes

GET
H2 200 redesign.lc-9434801ef1bef3f50d258aeafe6d175a-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 228 KB
23 KB 176ms
115ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign.lc-9434801ef1bef3f50d258aeafe6d175a-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0e31be73f7d3548fa2bb07afcae7eb23b0202f7f99cac63a255c428c3e7bd0f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 23058
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.836704,VS0,VS0,VE1
etag: W/"391b1-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503111
accept-ranges: bytes

GET
H2 200 onezero.lc-4a4a2d93077e548434e3cd2dd6522d0b-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 3 KB
1 KB 193ms
133ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/onezero.lc-4a4a2d93077e548434e3cd2dd6522d0b-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f62fe8fd2fe4ccb028ba492a1e310a420120326c80d174bc3b15e2f89bec5e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 719
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.837669,VS0,VS0,VE1
etag: W/"a32-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503080
accept-ranges: bytes

GET
H2 200 backgroundgradient.lc-f91279f317e10593c15bcaf779e50d81-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 1 KB
617 B 193ms
135ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/backgroundgradient.lc-f91279f317e10593c15bcaf779e50d81-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d2940262ee589f294052fc24f7421d4db845495211dbe18570cc2921b8ab139d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 239
x-served-by: cache-fra-eddf8230042-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.837181,VS0,VS0,VE1
etag: W/"519-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596372
accept-ranges: bytes

GET
H2 200 clientlibs.lc-f30fd7ed31f518726db00f8610e7e7d6-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/hero/ 3 KB
1 KB 193ms
135ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/hero/clientlibs.lc-f30fd7ed31f518726db00f8610e7e7d6-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

00d571c556bd91b0dd21491074cafdc57d69061b707c73fec49dc785712b080e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 935
x-served-by: cache-fra-eddf8230042-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.870691,VS0,VS0,VE1
etag: W/"aae-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503022
accept-ranges: bytes

GET
H2 200 clientlibs.lc-22b50f234e552882a546c23d6d0e16bb-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/breadcrumb/v1/breadcrumb/ 2 KB
914 B 192ms
136ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/breadcrumb/v1/breadcrumb/clientlibs.lc-22b50f234e552882a546c23d6d0e16bb-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

678bece18bc3eed09516801877fbbaba769ccb55ab488f7379d282d5888aa3d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 537
x-served-by: cache-fra-eddf8230048-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711235890.804201,VS0,VS0,VE1
etag: W/"68f-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503037
accept-ranges: bytes

GET
H2 200 clientlibs.lc-8547c17b482bbc7e9e9d5c18bd067a6c-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/breadcrumb/ 2 KB
1 KB 192ms
136ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/breadcrumb/clientlibs.lc-8547c17b482bbc7e9e9d5c18bd067a6c-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37401e40203df81001383404ff88c9ec6f2a7d193277477b70995926a319bbdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 671
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711235890.814452,VS0,VS0,VE5
etag: W/"8ef-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503094
accept-ranges: bytes

GET
H2 200 clientlibs.lc-33a77119a80272d2eb122d3895ca9cfe-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/cta/ 4 KB
1 KB 191ms
137ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/cta/clientlibs.lc-33a77119a80272d2eb122d3895ca9cfe-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3018e44fea1cf4959a57c077f79a1b7815ee6b48d1d9c50c30d4737ad1e4dce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 700
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.845562,VS0,VS0,VE1
etag: W/"105b-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596371
accept-ranges: bytes

GET
H2 200 clientlibs.lc-cbf28f2a17d678afb97b24a8a4cfda42-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/navigationContent/ 8 KB
2 KB 191ms
137ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/navigationContent/clientlibs.lc-cbf28f2a17d678afb97b24a8a4cfda42-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3746040046f6ff20708de4a609bc1b538efe2e654fedcdaeab433fb828d562c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1199
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.854092,VS0,VS0,VE1
etag: W/"1f63-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596371
accept-ranges: bytes

GET
H2 200 clientlibs.lc-d99b84a3ea635e094ecf316d47bc4353-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/languageSelectorV2/v1/languageSelectorV2/ 1 KB
761 B 190ms
137ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/languageSelectorV2/v1/languageSelectorV2/clientlibs.lc-d99b84a3ea635e094ecf316d47bc4353-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

45437201a5e1295fa97b2fe5ad95a432684f1b55e37328f9467e36a8e2b7cafd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 383
x-served-by: cache-fra-eddf8230042-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.854076,VS0,VS0,VE1
etag: W/"499-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596371
accept-ranges: bytes

GET
H2 200 clientlibs.lc-2a43c8be992428ddd42b3d97de1dda96-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/languageSelector/ 3 KB
1 KB 190ms
138ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/languageSelector/clientlibs.lc-2a43c8be992428ddd42b3d97de1dda96-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf65fd8322a51577b264d6bb49f5d3340b404733875b1aef378b6da402189ea5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 723
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.854378,VS0,VS0,VE2
etag: W/"c63-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596371
accept-ranges: bytes

GET
H2 200 clientlibs.lc-045c5e0ef80567e7a31400696492792b-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/collapsible/ 1 KB
921 B 190ms
138ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/collapsible/clientlibs.lc-045c5e0ef80567e7a31400696492792b-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f9f88b5c0f724190f90f7b06f8975c9ac6f00dfe9127fd858d063c7d138ea65c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 542
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.854625,VS0,VS0,VE3
etag: W/"46e-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596372
accept-ranges: bytes

GET
H2 200 clientlibs.lc-49d7311e3d1d26c6f2dc9abafdcee631-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/relatedInfo/ 2 KB
1 KB 189ms
139ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/relatedInfo/clientlibs.lc-49d7311e3d1d26c6f2dc9abafdcee631-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

25d81dde397de071f8a75b76883a6ba893e57e3ad47f8e0ec084345c0b8a1372

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 723
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.863692,VS0,VS0,VE1
etag: W/"799-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596372
accept-ranges: bytes

GET
H2 200 animations.lc-4d106613dd388f6a84f8a33043d0a9d6-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 138 B
502 B 188ms
139ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/animations.lc-4d106613dd388f6a84f8a33043d0a9d6-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c5a01dcabdb9fc6aed2729e0dca4a2496379a13de142fee66d3e0ee7a0ea3a42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 126
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.837484,VS0,VS0,VE1
etag: W/"8a-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=142074
accept-ranges: bytes

GET
H2 200 clientlibs.lc-21426d4480411c4c3012de46fdaedf98-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/pageListing/ 7 KB
2 KB 187ms
140ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/pageListing/clientlibs.lc-21426d4480411c4c3012de46fdaedf98-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

80778b7639a785fb8943d46400b232d85dbd160b574fbeca586e66af5a5cf553

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1986
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.869769,VS0,VS0,VE1
etag: W/"1aa1-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596372
accept-ranges: bytes

GET
H2 200 clientlibs.lc-1393035747f83ab0f567ee348a78f580-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessHeader/ 35 KB
5 KB 186ms
140ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessHeader/clientlibs.lc-1393035747f83ab0f567ee348a78f580-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7149e53b658e23ad239633e894b0aa033d72fb10712650d22172718f7d695882

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 4535
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.870376,VS0,VS0,VE1
etag: W/"8d99-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503014
accept-ranges: bytes

GET
H2 200 aos.lc-c175308424bc0c512d0f91c9bb5498cc-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/ 28 KB
3 KB 188ms
144ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/aos.lc-c175308424bc0c512d0f91c9bb5498cc-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

464fcc008737ce9cf97b5d18b606256bdd164c859c23a0014cf0be335f226a7a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 2453
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.836091,VS0,VS0,VE1
etag: W/"7110-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503072
accept-ranges: bytes

GET
H2 200 clientlibs.lc-fedcbea2d57ffebdb2d1bfed4b8a0a55-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/customContainer/ 9 KB
2 KB 189ms
145ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/customContainer/clientlibs.lc-fedcbea2d57ffebdb2d1bfed4b8a0a55-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

18bf5059ed0cd810826d412a00279b2d1168e11091282433a54c9222f8b7757a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1401
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Fri, 22 Mar 2024 10:30:56 GMT
x-timer: S1711109985.871373,VS0,VS0,VE1
etag: W/"24ae-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503110
accept-ranges: bytes

GET
H2 200 clientlibs.lc-63fd66b475c931eb9745928847297697-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/tagTimestamp/ 1 KB
762 B 189ms
146ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/tagTimestamp/clientlibs.lc-63fd66b475c931eb9745928847297697-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

867286c83491dea215874b9c9e5cefe7097653f3adad2c87ec2262b140d20638

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 384
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.880776,VS0,VS0,VE1
etag: W/"413-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596372
accept-ranges: bytes

GET
H2 200 clientlibs.lc-7c653c6d3f467c7f00c7771e6e7e790d-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/countdown/v1/countdown/ 2 KB
887 B 189ms
147ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/countdown/v1/countdown/clientlibs.lc-7c653c6d3f467c7f00c7771e6e7e790d-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62b53a956523f6643fc9c6510f3c162c991541db774bdb641d46bc327e0631ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 510
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.899379,VS0,VS0,VE2
etag: W/"9d0-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503004
accept-ranges: bytes

GET
H2 200 clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/ 4 KB
1 KB 188ms
148ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

98cbc02bf4c973365818f7f63efa7da513888ccbf0242a7e21256ec45fd1902a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 874
x-served-by: cache-fra-eddf8230042-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.893039,VS0,VS0,VE1
etag: W/"e59-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596372
accept-ranges: bytes

GET
H2 200 clientlibs.lc-d6a62b3c88326363208cbd37eea0f68f-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/progressbar/ 7 KB
2 KB 188ms
148ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/progressbar/clientlibs.lc-d6a62b3c88326363208cbd37eea0f68f-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0828ab6e8a05e29c0ed1728aaa76a4872e88d7a008ae5111823d99d75143fa9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1917
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.893321,VS0,VS0,VE1
etag: W/"1c12-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503052
accept-ranges: bytes

GET
H2 200 clientlibs.lc-93bb4919b55650c6186b352944af3fa0-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/authorWidget/ 5 KB
2 KB 188ms
149ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/authorWidget/clientlibs.lc-93bb4919b55650c6186b352944af3fa0-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b945ec1db31e1f7773d344e773f02636fe5bc3c73e85b27b2bd50fa5153cf7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1295
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.893428,VS0,VS0,VE1
etag: W/"1522-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503095
accept-ranges: bytes

GET
H2 200 clientlibs.lc-25431a0e6aa18efea9d8c6791d513383-lc.min.css
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessRichtext/ 1 KB
797 B 185ms
149ms Stylesheet
text/css 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessRichtext/clientlibs.lc-25431a0e6aa18efea9d8c6791d513383-lc.min.css

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

682584619d8884c4f90ee1e85747ec4b1d6cf3a286a7d40b145bc15bb976a4cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 421
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.928037,VS0,VS0,VE1
etag: W/"42e-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503021
accept-ranges: bytes

GET
H2 200 clientlibs.lc-b0227c7d50e25e125f200766c712fded-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/structure/footerWithSecure/v1/footerWithSecure/ 422 B
637 B 264ms
229ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/structure/footerWithSecure/v1/footerWithSecure/clientlibs.lc-b0227c7d50e25e125f200766c712fded-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e6c437fec3e9c6b1c05e51b38aa75bd871b0fa69b38eefb3acefc447d99a10ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 251
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.901003,VS0,VS0,VE2
etag: W/"1a6-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503052
accept-ranges: bytes

GET
H2 200 redesign.lc-8c8ea3fefcda188dab01f1ea03e0d724-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 19 KB
6 KB 264ms
230ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign.lc-8c8ea3fefcda188dab01f1ea03e0d724-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf2505915bb54a10404d7b9b20e06f04531e0a1be638dc004cf7719c3514c277

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 6129
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Tue, 09 Apr 2024 08:43:14 GMT
x-timer: S1712726728.880893,VS0,VS0,VE2
etag: W/"4bd5-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503066
accept-ranges: bytes

GET
H2 200 onezero.lc-ec154f80104e374f3be6b2eb29fb16f1-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 7 KB
2 KB 274ms
241ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/onezero.lc-ec154f80104e374f3be6b2eb29fb16f1-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

681819a802597a0e22f5d18dc62c86722de2d30c8f7b25122799b94b4345a635

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1737
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.948844,VS0,VS0,VE1
etag: W/"1db5-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503039
accept-ranges: bytes

GET
H2 200 backgroundgradient.lc-b5c4e188fca35d90751cc8b09f4a4370-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 13 KB
4 KB 274ms
242ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/backgroundgradient.lc-b5c4e188fca35d90751cc8b09f4a4370-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47e283b1f58c10ef70b3c08eba01e181ff378c6de639a304dccdc220cc729b01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 3561
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.923595,VS0,VS0,VE1
etag: W/"35e7-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503032
accept-ranges: bytes

GET
H2 200 three.lc-a26d2c859e378f2ceb08f1adbb039bcf-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/ 630 KB
157 KB 274ms
242ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/three.lc-a26d2c859e378f2ceb08f1adbb039bcf-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9688d0adafb01b08034f4e9ac1798e840eb76f3bc3bc9284615b3740936e50c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 160759
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.933918,VS0,VS0,VE17
etag: W/"9d853-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=536879
accept-ranges: bytes

GET
H2 200 clientlibs.lc-23257437ba9bccc14ff46d5c5c21af59-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/hero/ 386 B
614 B 297ms
267ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/hero/clientlibs.lc-23257437ba9bccc14ff46d5c5c21af59-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

136f424adcb7a054ebfafaee93ef9dc300a57af9d29f541356e0fe5f5abaacb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 227
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.944566,VS0,VS0,VE1
etag: W/"182-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503061
accept-ranges: bytes

GET
H2 200 clientlibs.lc-b903d7bdf5dee98620ba2c31f64ca018-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/collapsible/ 2 KB
934 B 297ms
268ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/collapsible/clientlibs.lc-b903d7bdf5dee98620ba2c31f64ca018-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

550e0e316ef71e3fe8f675ad59b7bcd147746674b381bbb5f61a4c86d6a79433

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 547
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.924017,VS0,VS0,VE1
etag: W/"624-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503083
accept-ranges: bytes

GET
H2 200 animations.lc-225b0f5fab708f96f9ebc863728878e1-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/ 6 KB
2 KB 297ms
269ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/animations.lc-225b0f5fab708f96f9ebc863728878e1-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1aae1a894357b9d7dcb7ecb77e404aa1648a8d1508cc0fb0c673236f1ca245f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 1831
x-served-by: cache-fra-eddf8230042-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.923730,VS0,VS0,VE1
etag: W/"19e6-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596373
accept-ranges: bytes

GET
H2 200 clientlibs.lc-0955fb7468fe9df2b44fd1f5f7057d04-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/pageListing/ 15 KB
5 KB 296ms
269ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/pageListing/clientlibs.lc-0955fb7468fe9df2b44fd1f5f7057d04-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

86dcefe593ffba3b70153b546e916877d0953f2474cf5e95049a920b88e02f8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 4761
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.924663,VS0,VS0,VE1
etag: W/"3ac1-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503071
accept-ranges: bytes

GET
H2 200 clientlibs.lc-44bf177d9c61b94f3f5aa04ca181deae-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessHeader/ 13 KB
3 KB 295ms
270ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessHeader/clientlibs.lc-44bf177d9c61b94f3f5aa04ca181deae-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7e4b269db23503e08af5be3e2310f0d8fe9272dd76d939343373639b01b6934

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 3140
x-served-by: cache-fra-eddf8230120-FRA
last-modified: Thu, 18 Apr 2024 06:45:12 GMT
x-timer: S1713423360.107194,VS0,VS0,VE1
etag: W/"34ce-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596373
accept-ranges: bytes

GET
H2 200 aos.lc-ad5de9b353969639ebcca1942d157682-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/ 14 KB
5 KB 290ms
271ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/aos.lc-ad5de9b353969639ebcca1942d157682-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d0ba3e7712127777af58f300a2af906ca95b439b0f58b7c2b3595b353b76a33b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 4921
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.934641,VS0,VS0,VE1
etag: W/"367b-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503008
accept-ranges: bytes

GET
H2 200 clientlibs.lc-d41d8cd98f00b204e9800998ecf8427e-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/tagTimestamp/ 0
401 B 290ms
272ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/tagTimestamp/clientlibs.lc-d41d8cd98f00b204e9800998ecf8427e-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 20
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.944716,VS0,VS0,VE1
etag: W/"0-2386f26fb1bdc0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=503102
accept-ranges: bytes

GET
H2 200 clientlibs.lc-8faf865db97904b64f5f51a9bb6001c8-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/countdown/v1/countdown/ 3 KB
1 KB 291ms
273ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/countdown/v1/countdown/clientlibs.lc-8faf865db97904b64f5f51a9bb6001c8-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cd4e59ca5ff6e0ef520d67e0c5cd828742db207d99f257081fa2661e88ceafd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 971
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.953178,VS0,VS0,VE2
etag: W/"d46-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596374
accept-ranges: bytes

GET
H2 200 clientlibs.lc-ef3cc55677bcd3eedc6c09e892549bc9-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/ 17 KB
2 KB 292ms
275ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-ef3cc55677bcd3eedc6c09e892549bc9-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fae7763898685e9dfdff8aceea65e86d42bb25f3553b873db3ea0a4ef4810dc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 2154
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.953469,VS0,VS0,VE1
etag: W/"43a5-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=128058
accept-ranges: bytes

GET
H2 200 lottie.lc-03ee6a74f29dd09014dae2017d1c2dc6-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/ 214 KB
56 KB 292ms
276ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/vendor/lottie.lc-03ee6a74f29dd09014dae2017d1c2dc6-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

72d66a7c6e9b9fee88179ffa4ce8421d8c888bcac1f5b22984458d573c614049

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 56632
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.934626,VS0,VS0,VE2
etag: W/"35946-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=142033
accept-ranges: bytes

GET
H2 200 clientlibs.lc-8898553462d093e9825e7ed2abbf80c9-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/progressbar/ 15 KB
4 KB 294ms
279ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/progressbar/clientlibs.lc-8898553462d093e9825e7ed2abbf80c9-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2c10d40e5e51f9b1128e5b1708ef9ddb854d07d6cb768b28c636a283ab6fbd92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 3406
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.953022,VS0,VS0,VE1
etag: W/"3a29-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=596374
accept-ranges: bytes

GET
H2 200 clientlibs.lc-0461eb89a6d07a5ecef384fca56944c4-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/authorWidget/ 28 KB
7 KB 294ms
279ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/authorWidget/clientlibs.lc-0461eb89a6d07a5ecef384fca56944c4-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa2347c9db1e0fe79e38d41040bc0401e739fadf7b07229010760f1e045bc536

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 6439
x-served-by: cache-fra-eddf8230128-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.953230,VS0,VS0,VE1
etag: W/"6f13-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=142075
accept-ranges: bytes

GET
H2 200 clientlibs.lc-15eb6077c15d83d965995dceab51bc1a-lc.min.js Show response
labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessRichtext/ 463 B
661 B 294ms
280ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/businessRichtext/clientlibs.lc-15eb6077c15d83d965995dceab51bc1a-lc.min.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

043de33252f752239b67afc196abf4b56f2bf70f92fca8d21adee480f6f01081

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-length: 274
x-served-by: cache-fra-eddf8230043-FRA
last-modified: Fri, 22 Mar 2024 10:36:59 GMT
x-timer: S1711109985.953148,VS0,VS0,VE1
etag: W/"1cf-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=142033
accept-ranges: bytes

GET
H2 200 ws_tag.js Show response
sst.withsecure.com/ 329 KB
100 KB 261ms
110ms Script
application/javascript 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.withsecure.com/ws_tag.js?id=GTM-KL3PT7C

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

dc531b8a3e5e2f412b273b7f5101ea6aa542a987f041cdd7f2cf46d1e0c712cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 13 Jun 2024 02:17:10 GMT
last-modified: Thu, 13 Jun 2024 00:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
access-control-allow-headers: Cache-Control
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET
H2 200 index.js Show response
labs.withsecure.com/.rum/@adobe/helix-rum-js@%5E1/src/ 5 KB
2 KB 247ms
247ms Script
application/javascript 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/.rum/@adobe/helix-rum-js@%5E1/src/index.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c080ce94eeadb6ec0c3ba3389f13cbf5cdc85364fabacef7061a12ee09e25ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Origin: https://labs.withsecure.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cross-origin-resource-policy: cross-origin
content-length: 1963
x-served-by: cache-fra-etou8220038-FRA, cache-fra-eddf8230063-FRA
x-timer: S1717768288.148493,VS0,VS0,VE14
etag: W/"1375-FelwpXwaWVCLW87TFgC+4FDa+gE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=125162, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 63b1eae4-d365-43be-a92d-6929e10402af.json Show response
cdn.cookielaw.org/consent/63b1eae4-d365-43be-a92d-6929e10402af/ 4 KB
2 KB 144ms
57ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/63b1eae4-d365-43be-a92d-6929e10402af/63b1eae4-d365-43be-a92d-6929e10402af.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e9481536273dd9004a4979849bc575c34ec038ccf16332f000b9900a4738c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 84878
content-md5: JyLr9s4yCVT69n7vQTwGsQ==
content-length: 1637
x-ms-lease-status: unlocked
last-modified: Fri, 08 Dec 2023 08:16:13 GMT
server: cloudflare
etag: 0x8DBF7C5F17DD215
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 903c0867-d01e-0071-14ae-29dfa8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e95327cc89079-FRA
expires: Fri, 14 Jun 2024 02:17:10 GMT

GET
H2 200 ext-icon-black.svg
labs.withsecure.com/content/dam/with-secure/icons/ 337 B
628 B 46ms
45ms Image
image/svg+xml 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.withsecure.com/content/dam/with-secure/icons/ext-icon-black.svg

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign.lc-9434801ef1bef3f50d258aeafe6d175a-lc.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c8261c0f7a9de9e7c0bcf4faefc0d21332553a075c9dc4fc9108c79c5afcd7e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign.lc-9434801ef1bef3f50d258aeafe6d175a-lc.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-disposition: attachment; filename="ext-icon-black.svg"
content-length: 231
x-served-by: cache-fra-eddf8230095-FRA
last-modified: Wed, 20 Jul 2022 10:00:17 GMT
x-timer: S1706533943.582649,VS0,VS0,VE40
etag: "151-5e439ab042e40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=451121
accept-ranges: bytes

GET
H2 200 x_black.svg
labs.withsecure.com/content/dam/with-secure/brand-library/logos/social-media/black-svg/ 680 B
764 B 46ms
45ms Image
image/svg+xml 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.withsecure.com/content/dam/with-secure/brand-library/logos/social-media/black-svg/x_black.svg

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6ea5ee75c2f9f41dafd6b2bb8545b0b9460be0df9ce23c277d3fb15a25ce32f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-disposition: attachment; filename="x_black.svg"
content-length: 374
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Fri, 20 Oct 2023 14:40:15 GMT
x-timer: S1712485196.920049,VS0,VS0,VE2
etag: "0x8DBD17A79789C5F"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=43200
accept-ranges: bytes

GET
H2 200 linkedin_black.svg
labs.withsecure.com/content/dam/with-secure/brand-library/logos/social-media/black-svg/ 992 B
842 B 47ms
45ms Image
image/svg+xml 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.withsecure.com/content/dam/with-secure/brand-library/logos/social-media/black-svg/linkedin_black.svg

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9ed4d303086d3d8f550686c0d3a3ca9513655aa37f279d32335a7acecf4152bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-disposition: attachment; filename="linkedin_black.svg"
content-length: 447
x-served-by: cache-fra-eddf8230070-FRA
last-modified: Fri, 20 Oct 2023 14:31:11 GMT
x-timer: S1712485196.919811,VS0,VS0,VE7
etag: "0x8DBD1793523455B"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=43200
accept-ranges: bytes

GET
H2 200 facebook_black.svg
labs.withsecure.com/content/dam/with-secure/brand-library/logos/social-media/black-svg/ 746 B
823 B 47ms
46ms Image
image/svg+xml 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.withsecure.com/content/dam/with-secure/brand-library/logos/social-media/black-svg/facebook_black.svg

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1d044237204beba4f52616fc3fb5878c9f1ec5a959a5f72ae199f94adab90f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/etc.clientlibs/f-secure/components/content/B2B-remastered/socialShare/clientlibs.lc-e153829cc2579fffbe8bd9fc343e3dd5-lc.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-disposition: attachment; filename="facebook_black.svg"
content-length: 428
x-served-by: cache-fra-eddf8230062-FRA
last-modified: Fri, 20 Oct 2023 14:31:11 GMT
x-timer: S1712485196.920022,VS0,VS0,VE101
etag: "0x8DBD179350ADEE5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=43200
accept-ranges: bytes

GET
H2 200 extrnal-icon-white.svg
labs.withsecure.com/content/dam/with-secure/icons/ 337 B
631 B 51ms
50ms Image
image/svg+xml 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.withsecure.com/content/dam/with-secure/icons/extrnal-icon-white.svg

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign.lc-9434801ef1bef3f50d258aeafe6d175a-lc.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

553e78540edd9850762855d12c711c68da877744bd073313d395bd77037176a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/etc.clientlibs/f-secure/clientlibs/redesign.lc-9434801ef1bef3f50d258aeafe6d175a-lc.min.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-disposition: attachment; filename="extrnal-icon-white.svg"
content-length: 230
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Wed, 20 Jul 2022 10:00:17 GMT
x-timer: S1706533943.589334,VS0,VS0,VE51
etag: "151-5e439ab042e40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=895426
accept-ranges: bytes

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 218ms
76ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 892e9534982ba01e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 js Show response
sst.withsecure.com/gtag/ 351 KB
115 KB 132ms
131ms Script
application/javascript 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sst.withsecure.com/gtag/js?id=G-B5SG5Y2DHS&l=dataLayer&cx=c
Requested by: Host: sst.withsecure.com
URL: https://sst.withsecure.com/ws_tag.js?id=GTM-KL3PT7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 54106a9faa10fc41a92c11802a8df13ed047aaf1d185a2b63d344dcd3fd5f53d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: application/javascript; charset=UTF-8
date: Thu, 13 Jun 2024 02:17:11 GMT
cache-control: private, max-age=900
content-encoding: gzip
server: Google Frontend
vary: accept-encoding
expires: Thu, 13 Jun 2024 02:32:11 GMT

GET geolocation-api
europe-central2-theta-byte-348711.cloudfunctions.net/ 0
0

GET
H2 200 ipsource Show response
www.withsecure.com/ 21 B
455 B 309ms
144ms XHR
application/json 2a02:26f0:7100::210:132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.withsecure.com/ipsource

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d0695b09939099687cd3993e0bfaf50ba17c27f7f65d7d50923a9f403ff58ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=600
server-timing: edge; dur=8, origin; dur=89, cdn-cache; desc=REVALIDATE, ak_p; desc="1718245031210_34603310_143969872_9782_6909_57_52_219";dur=1
access-control-allow-headers: *
content-length: 41
apigw-requestid: ZSJ6Mj9QDoEEMsg=
expires: Thu, 13 Jun 2024 02:27:11 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 220ms
62ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: sst.withsecure.com
URL: https://sst.withsecure.com/ws_tag.js?id=GTM-KL3PT7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03b8970524212903ed5e8da72d99351e9ac4510cf8e898f94c8b8191a96014da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 13 Jun 2024 02:17:11 GMT

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 179ms
52ms Script
application/javascript 2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Host: labs.withsecure.com
URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6660012
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HT16NH1HE05PZSQMATH47T6P-fra
server: cloudflare
etag: "2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 892e95353c639732-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/ 427 KB
103 KB 51ms
50ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VX4GCwjZuARQMrKdtn0EoA==
age: 29740
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105136
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:15 GMT
server: cloudflare
etag: 0x8DC3E035D45F30B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e0e65e29-a01e-00a0-1a5a-70bd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e95355b9a9219-FRA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f9c66401/www-widgetapi.vflset/ 37 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f9c66401/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12617
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 04:28:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Jun 2025 22:27:34 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/63b1eae4-d365-43be-a92d-6929e10402af/b382ffd7-7906-4d0b-a0fc-67f96d00a1a6/ 47 KB
13 KB 60ms
59ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/63b1eae4-d365-43be-a92d-6929e10402af/b382ffd7-7906-4d0b-a0fc-67f96d00a1a6/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbef9b34b0da8ae3cf54befa3789f2f24fe1e5ed3e3bfccfb32ee86097e13c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 74665
content-md5: oPs3zttpvxGYhLAi1MDmrA==
content-length: 13368
x-ms-lease-status: unlocked
last-modified: Fri, 08 Dec 2023 08:16:23 GMT
server: cloudflare
etag: 0x8DBF7C5F7320356
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7d938bc4-a01e-0036-34af-29b4f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e95369e949079-FRA
expires: Fri, 14 Jun 2024 02:17:11 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 145ms
51ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3qPq2q5&tag_exp=0&rnd=1275717469.1718245032&url=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&dma_cps=-&dma=1&npa=1&gtm=45he46c0v884702317z8855357939za200zb855357939&frm=0

Requested by

Host: sst.withsecure.com
URL: https://sst.withsecure.com/gtag/js?id=G-B5SG5Y2DHS&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 02:17:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
sst.withsecure.com/g/ 65 B
200 B 122ms
122ms XHR
text/plain 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.withsecure.com/g/collect?v=2&tid=G-B5SG5Y2DHS&gtm=45he46c0v884702317z8855357939za200zb855357939&_p=1718245030499&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&tt=&cid=871847154.1718245032&ecid=227792613&ul=de-de&sr=1600x1200&_fplc=0&ur=&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1275717469.1718245032&sst.gcd=13q3qPq2q5&sst.tft=1718245030499&sst.ude=0&_s=1&dl=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&sid=1718245031&sct=1&seg=0&dt=Mass%20exploitation%3A%20The%20vulnerable%20edge%20of%20enterprise%20security%20%7C%20WithSecure%E2%84%A2%20Labs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.path_clean=%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&ep.effective_connection_type=4g&ep.save_data=unknown&ep.user_data._tag_mode=AUTO&tfd=1482&richsstsse

Requested by

Host: sst.withsecure.com
URL: https://sst.withsecure.com/gtag/js?id=G-B5SG5Y2DHS&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:11 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://labs.withsecure.com
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 16 KB
4 KB 52ms
49ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFloatingRoundedIcon.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8c8031a5ede4d5c2c26b4cdee74bc0e29e2c8a1c6e6062b7a0a8337abfcb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6X8Y/xb1eFFrWo3MDi/sjw==
age: 14310
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3829
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:08 GMT
server: cloudflare
etag: 0x8DC3E03597C5A4C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1bbbbe2a-201e-0017-37f1-6f9088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e9537df029079-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/ 62 KB
13 KB 53ms
50ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bq2TLVDKOE7cS5BMMy9XRw==
age: 36020
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12700
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:10 GMT
server: cloudflare
etag: 0x8DC3E035A469169
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8b4ba3e6-401e-008f-77d3-9b0f35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e9537ef049079-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 5 KB
2 KB 53ms
51ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VeemQboP7UIEpPBWX2AINw==
age: 35551
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:09 GMT
server: cloudflare
etag: 0x8DC3E0359F4D3EE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: acd6f7ac-801e-007c-5cb2-70177c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e9537ef059079-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 21 KB
4 KB 77ms
74ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 96eae876-201e-007a-0bd3-9b2b24000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892e9537ef069079-FRA

GET
H2 200 collect Show response
sst.withsecure.com/g/ 65 B
125 B 118ms
115ms XHR
text/plain 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.withsecure.com/g/collect?v=2&tid=G-B5SG5Y2DHS&gtm=45he46c0v884702317z8855357939za200zb855357939&_p=1718245030499&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&tt=&gtm_up=1&cid=871847154.1718245032&ecid=227792613&ul=de-de&sr=1600x1200&_fplc=0&ur=&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1275717469.1718245032&sst.gcd=13q3qPq2q5&sst.tft=1718245030499&sst.ude=0&_s=2&dl=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&sid=1718245031&sct=1&seg=0&dt=Mass%20exploitation%3A%20The%20vulnerable%20edge%20of%20enterprise%20security%20%7C%20WithSecure%E2%84%A2%20Labs&en=FCP&ep.path_clean=%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&ep.effective_connection_type=4g&ep.save_data=unknown&ep.metric_name=FCP&ep.metric_id=v3-1718245031275-6214336140970&epn.metric_value=663.9000015258789&epn.metric_delta=663.9000015258789&ep.metric_rating=good&_et=6&ep.user_data._tag_mode=AUTO&tfd=1547&richsstsse

Requested by

Host: sst.withsecure.com
URL: https://sst.withsecure.com/gtag/js?id=G-B5SG5Y2DHS&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 02:17:11 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://labs.withsecure.com
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no

GET
H2 200 favicon.ico
labs.withsecure.com/ 786 B
1 KB 46ms
45ms Other
image/png 2a02:26f0:480:23::1726:6297
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://labs.withsecure.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c7ce95d87dc398b66047af5cb8618202fa86137218dd12f9a419062279263eb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-vhost: labs.withsecure.com
content-disposition: attachment
content-length: 809
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Sun, 20 Mar 2022 21:23:06 GMT
x-timer: S1708171471.057893,VS0,VS0,VE49
etag: "312-5daacfc51c280-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1925641
accept-ranges: bytes

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
509 B 68ms
67ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jun 2024 01:58:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c1d47ba0-f01e-009d-3817-bd3b29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892e95390f789079-FRA

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 51ms
50ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 38567
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
etag: 0x8DC89E041F7123F
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f038269f-601e-0093-2252-bcd722000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 892e95392df89219-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 49ms
49ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jun 2024 02:17:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 7127
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jun 2024 01:58:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d102b06e-001e-0000-1afb-bc4169000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 892e95392df99219-FRA

POST
H2 200 collect Show response
sst.withsecure.com/g/ 65 B
125 B 150ms
150ms XHR
text/plain 2a00:1450:4001:80b::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.withsecure.com/g/collect?v=2&tid=G-B5SG5Y2DHS&gtm=45he46c0v884702317z8855357939za200zb855357939&_p=1718245030499&gcs=G100&gcd=13q3qPq2q5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dYWJhMj&tt=&gtm_up=1&cid=871847154.1718245032&ecid=227792613&ul=de-de&sr=1600x1200&_fplc=0&ur=&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=c&sst.rnd=1275717469.1718245032&sst.gcd=13q3qPq2q5&sst.tft=1718245030499&sst.ude=0&dl=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&sid=1718245031&sct=1&seg=0&dt=Mass%20exploitation%3A%20The%20vulnerable%20edge%20of%20enterprise%20security%20%7C%20WithSecure%E2%84%A2%20Labs&_s=3&tfd=6590&richsstsse

Requested by

Host: sst.withsecure.com
URL: https://sst.withsecure.com/gtag/js?id=G-B5SG5Y2DHS&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://labs.withsecure.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jun 2024 02:17:16 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://labs.withsecure.com
cache-control: no-cache
access-control-allow-credentials: true
x-accel-buffering: no

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: europe-central2-theta-byte-348711.cloudfunctions.net
URL: https://europe-central2-theta-byte-348711.cloudfunctions.net/geolocation-api

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
labs.withsecure.com/	1969-12-31 23:59:59	Name: affinity Value: "059e2df5b41abb88"
.labs.withsecure.com/	1970-01-20 22:00:37	Name: wsIPSource Value: null
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Fs3oXpCKM0M
.youtube.com/	1970-01-21 01:36:37	Name: VISITOR_INFO1_LIVE Value: -wxQOhmxc5U
.youtube.com/	1970-01-21 01:36:37	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgDg%3D%3D
.labs.withsecure.com/	1970-01-21 06:03:01	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jun+13+2024+04%3A17%3A11+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=bfadf088-48e0-49dd-9409-dd08c408abc0&interactionCount=0&landingPath=https%3A%2F%2Flabs.withsecure.com%2Fpublications%2Fmass-exploitation-the-vulnerable-edge-of-enterprise-security&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security Message: Access to XMLHttpRequest at 'https://europe-central2-theta-byte-348711.cloudfunctions.net/geolocation-api' from origin 'https://labs.withsecure.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www.withsecure.com' that is not equal to the supplied origin.
network	error	URL: https://europe-central2-theta-byte-348711.cloudfunctions.net/geolocation-api Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
europe-central2-theta-byte-348711.cloudfunctions.net
geolocation.onetrust.com
labs.withsecure.com
pagead2.googlesyndication.com
sst.withsecure.com
unpkg.com
www.withsecure.com
www.youtube.com
europe-central2-theta-byte-348711.cloudfunctions.net
142.250.185.66
2606:4700:4400::ac40:9b77
2606:4700::6811:f6cb
2606:4700::6813:b234
2a00:1450:4001:80b::2013
2a00:1450:4001:810::200e
2a02:26f0:480:23::1726:6297
2a02:26f0:7100::210:132
00d571c556bd91b0dd21491074cafdc57d69061b707c73fec49dc785712b080e
03b8970524212903ed5e8da72d99351e9ac4510cf8e898f94c8b8191a96014da
043de33252f752239b67afc196abf4b56f2bf70f92fca8d21adee480f6f01081
0828ab6e8a05e29c0ed1728aaa76a4872e88d7a008ae5111823d99d75143fa9e
0e31be73f7d3548fa2bb07afcae7eb23b0202f7f99cac63a255c428c3e7bd0f4
136f424adcb7a054ebfafaee93ef9dc300a57af9d29f541356e0fe5f5abaacb4
15a9502c5af2e23747c2e32bd739b1c86ed4b88d6b9f5a5dd9c57cb6625eb51b
18bf5059ed0cd810826d412a00279b2d1168e11091282433a54c9222f8b7757a
1aae1a894357b9d7dcb7ecb77e404aa1648a8d1508cc0fb0c673236f1ca245f3
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
25d81dde397de071f8a75b76883a6ba893e57e3ad47f8e0ec084345c0b8a1372
2c10d40e5e51f9b1128e5b1708ef9ddb854d07d6cb768b28c636a283ab6fbd92
35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49
37401e40203df81001383404ff88c9ec6f2a7d193277477b70995926a319bbdd
3c080ce94eeadb6ec0c3ba3389f13cbf5cdc85364fabacef7061a12ee09e25ab
45437201a5e1295fa97b2fe5ad95a432684f1b55e37328f9467e36a8e2b7cafd
464fcc008737ce9cf97b5d18b606256bdd164c859c23a0014cf0be335f226a7a
47e283b1f58c10ef70b3c08eba01e181ff378c6de639a304dccdc220cc729b01
54106a9faa10fc41a92c11802a8df13ed047aaf1d185a2b63d344dcd3fd5f53d
550e0e316ef71e3fe8f675ad59b7bcd147746674b381bbb5f61a4c86d6a79433
553e78540edd9850762855d12c711c68da877744bd073313d395bd77037176a9
5eb4dd14550d2c8771c20a8907fb17f0e9bcf57aa017fbc2cf571897b23a4135
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62b53a956523f6643fc9c6510f3c162c991541db774bdb641d46bc327e0631ce
678bece18bc3eed09516801877fbbaba769ccb55ab488f7379d282d5888aa3d4
681819a802597a0e22f5d18dc62c86722de2d30c8f7b25122799b94b4345a635
682584619d8884c4f90ee1e85747ec4b1d6cf3a286a7d40b145bc15bb976a4cb
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d0695b09939099687cd3993e0bfaf50ba17c27f7f65d7d50923a9f403ff58ae
6f62fe8fd2fe4ccb028ba492a1e310a420120326c80d174bc3b15e2f89bec5e4
7149e53b658e23ad239633e894b0aa033d72fb10712650d22172718f7d695882
72d66a7c6e9b9fee88179ffa4ce8421d8c888bcac1f5b22984458d573c614049
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
7fb46498de20ea16e62e5562dc685785e61becd11d74775226d2821f40a8c8b6
801f5680be22cde1816595e3ffdae49e54960b8ceaf9a5ecdf701f3db6aaab6f
80778b7639a785fb8943d46400b232d85dbd160b574fbeca586e66af5a5cf553
85a72a74f174401f2c9b947ed841681d0b29216046cbbeccea44c48d6513b364
867286c83491dea215874b9c9e5cefe7097653f3adad2c87ec2262b140d20638
86dcefe593ffba3b70153b546e916877d0953f2474cf5e95049a920b88e02f8f
9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4
9688d0adafb01b08034f4e9ac1798e840eb76f3bc3bc9284615b3740936e50c7
98cbc02bf4c973365818f7f63efa7da513888ccbf0242a7e21256ec45fd1902a
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9ed4d303086d3d8f550686c0d3a3ca9513655aa37f279d32335a7acecf4152bb
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
a3018e44fea1cf4959a57c077f79a1b7815ee6b48d1d9c50c30d4737ad1e4dce
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a6b3e6672c85fefbec32617a9718acdd2a50b4cbbbfa8bdec114c950c2a5be70
b1d044237204beba4f52616fc3fb5878c9f1ec5a959a5f72ae199f94adab90f1
b315af549bc79d980abe0bca0a648ecfa0106be1bf205bf9ed809e6381f24d0a
bbef9b34b0da8ae3cf54befa3789f2f24fe1e5ed3e3bfccfb32ee86097e13c72
bf2505915bb54a10404d7b9b20e06f04531e0a1be638dc004cf7719c3514c277
c36e87ed638433e26eb31eca6d1c1df3e55a489a7473d8ce2bddf873427def3b
c5a01dcabdb9fc6aed2729e0dca4a2496379a13de142fee66d3e0ee7a0ea3a42
c6e9481536273dd9004a4979849bc575c34ec038ccf16332f000b9900a4738c7
c7ce95d87dc398b66047af5cb8618202fa86137218dd12f9a419062279263eb3
c8261c0f7a9de9e7c0bcf4faefc0d21332553a075c9dc4fc9108c79c5afcd7e7
cd4e59ca5ff6e0ef520d67e0c5cd828742db207d99f257081fa2661e88ceafd4
cf65fd8322a51577b264d6bb49f5d3340b404733875b1aef378b6da402189ea5
d0ba3e7712127777af58f300a2af906ca95b439b0f58b7c2b3595b353b76a33b
d2940262ee589f294052fc24f7421d4db845495211dbe18570cc2921b8ab139d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d6ea5ee75c2f9f41dafd6b2bb8545b0b9460be0df9ce23c277d3fb15a25ce32f
d7e4b269db23503e08af5be3e2310f0d8fe9272dd76d939343373639b01b6934
dc531b8a3e5e2f412b273b7f5101ea6aa542a987f041cdd7f2cf46d1e0c712cd
dc8c8031a5ede4d5c2c26b4cdee74bc0e29e2c8a1c6e6062b7a0a8337abfcb6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b945ec1db31e1f7773d344e773f02636fe5bc3c73e85b27b2bd50fa5153cf7
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6c437fec3e9c6b1c05e51b38aa75bd871b0fa69b38eefb3acefc447d99a10ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3746040046f6ff20708de4a609bc1b538efe2e654fedcdaeab433fb828d562c
f703e7b1921faa2ff06f7eb15b0ac76cbe777f2eb154090a813ff548aeafcb9e
f9f88b5c0f724190f90f7b06f8975c9ac6f00dfe9127fd858d063c7d138ea65c
fa2347c9db1e0fe79e38d41040bc0401e739fadf7b07229010760f1e045bc536
fae7763898685e9dfdff8aceea65e86d42bb25f3553b873db3ea0a4ef4810dc2
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

labs.withsecure.com Open in urlscan Pro 2a02:26f0:480:23::1726:6297 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

99 %HTTPS

88 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

1009 kBTransfer

3046 kBSize

6 Cookies

13 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

labs.withsecure.com Open in urlscan Pro
2a02:26f0:480:23::1726:6297 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

99 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

1009 kB
Transfer

3046 kB
Size

6
Cookies

80 HTTP transactions
0 data transactions