www.cyberark.com Open in urlscan Pro
104.17.192.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Submission Tags: falconsandbox
Submission: On January 21 via api (January 21st 2023, 2:34:42 am UTC) from US — Scanned from DE

Summary HTTP 285 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 68 IPs in 8 countries across 49 domains to perform 285 HTTP transactions. The main IP is 104.17.192.105, located in and belongs to CLOUDFLARENET, US. The main domain is www.cyberark.com. The Cisco Umbrella rank of the primary domain is 346612.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 16th 2022. Valid for: a year.

This is the only time www.cyberark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	104.17.192.105 104.17.192.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	65.9.66.111 65.9.66.111	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:206... 2600:9000:206f:3c00:12:53a8:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:f70... 2a02:26f0:f700:495::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.45.104.85 23.45.104.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
4	104.76.156.190 104.76.156.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.110.53 13.32.110.53	() ()
10	99.86.4.35 99.86.4.35	() ()
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	3.84.64.118 3.84.64.118	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
2	52.48.61.43 52.48.61.43	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	13.32.110.74 13.32.110.74	() ()
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	18.66.15.28 18.66.15.28	16509 (AMAZON-02) (AMAZON-02)
1	34.249.28.111 34.249.28.111	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.152.154 18.203.152.154	16509 (AMAZON-02) (AMAZON-02)
1	18.200.4.79 18.200.4.79	16509 (AMAZON-02) (AMAZON-02)
14	143.204.215.47 143.204.215.47	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	3.248.94.213 3.248.94.213	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.38 65.9.66.38	16509 (AMAZON-02) (AMAZON-02)
5	192.28.146.116 192.28.146.116	15224 (OMNITURE) (OMNITURE)
1	44.195.150.192 44.195.150.192	14618 (AMAZON-AES) (AMAZON-AES)
1	3.208.35.2 3.208.35.2	14618 (AMAZON-AES) (AMAZON-AES)
64	13.32.110.22 13.32.110.22	() ()
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	2600:9000:211... 2600:9000:211e:7a00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	104.96.140.70 104.96.140.70	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
4	65.9.66.24 65.9.66.24	16509 (AMAZON-02) (AMAZON-02)
1	52.51.77.206 52.51.77.206	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.39.70 142.251.39.70	15169 (GOOGLE) (GOOGLE)
4	54.243.239.236 54.243.239.236	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:206... 2600:9000:206f:aa00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:223... 2600:9000:223c:9400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2.18.79.138 2.18.79.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	34.240.159.52 34.240.159.52	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	52.86.41.54 52.86.41.54	14618 (AMAZON-AES) (AMAZON-AES)
8 12	2a05:d018:cc3... 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8	16509 (AMAZON-02) (AMAZON-02)
1	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:e30... 2a02:26f0:e300:182::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.74.252.81 54.74.252.81	16509 (AMAZON-02) (AMAZON-02)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	143.204.205.113 143.204.205.113	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	52.28.17.51 52.28.17.51	16509 (AMAZON-02) (AMAZON-02)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.173.174.179 35.173.174.179	14618 (AMAZON-AES) (AMAZON-AES)
2	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
285	68

28 104.17.192.105 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cyberark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 65.9.66.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-111.fra56.r.cloudfront.net

content.cdntwrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:206f:3c00:12:53a8:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cihost.uberflip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:f700:495::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.104.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-104-85.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.76.156.190 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-156-190.deploy.static.akamaitechnologies.com

sjrtp6-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.53 (United States)

ASN- ()
PTR: server-13-32-110-53.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 99.86.4.35 (United States)

ASN- ()
PTR: server-99-86-4-35.fra6.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.84.64.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-64-118.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.61.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

316-czp-275.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.74 (United States)

ASN- ()
PTR: server-13-32-110-74.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-28.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

cyberark.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.152.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.4.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-4-79.eu-west-1.compute.amazonaws.com

cyberark.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 143.204.215.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-47.fra53.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.94.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-94-213.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-38.fra56.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.28.146.116 (United States)

ASN15224 (OMNITURE, US)

sjrtp6.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.150.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-150-192.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.35.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-35-2.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.32.110.22 (United States)

ASN- ()
PTR: server-13-32-110-22.vie50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211e:7a00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.96.140.70 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-140-70.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.77.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-77-206.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f6.1e100.net

9920016.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.243.239.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-239-236.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:aa00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.79.138 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-138.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.159.52 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-159-52.eu-west-1.compute.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.41.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-41-54.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

cyberark.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:e300:182::1c91 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.252.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-252-81.eu-west-1.compute.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.205.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-113.fra53.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.17.51 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-17-51.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.174.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-174-179.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com — Cisco Umbrella Rank: 5034	960 KB
28	cdntwrk.com content.cdntwrk.com — Cisco Umbrella Rank: 51764	1 MB
28	cyberark.com www.cyberark.com — Cisco Umbrella Rank: 346612	478 KB
25	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2991 consent-pref.trustarc.com — Cisco Umbrella Rank: 15144 consent-st.trustarc.com — Cisco Umbrella Rank: 29512	560 KB
20	adroll.com 9 redirects s.adroll.com — Cisco Umbrella Rank: 2385 d.adroll.com — Cisco Umbrella Rank: 1446 ipv4.d.adroll.com — Cisco Umbrella Rank: 11315	34 KB
12	wistia.com fast.wistia.com — Cisco Umbrella Rank: 3806 embed-ssl.wistia.com — Cisco Umbrella Rank: 7336 distillery.wistia.com — Cisco Umbrella Rank: 5896 pipedream.wistia.com — Cisco Umbrella Rank: 6294	369 KB
9	marketo.com sjrtp6-cdn.marketo.com — Cisco Umbrella Rank: 91145 rtp-static.marketo.com — Cisco Umbrella Rank: 14482 sjrtp6.marketo.com — Cisco Umbrella Rank: 83346	91 KB
9	uberflip.com cihost.uberflip.com — Cisco Umbrella Rank: 77507	308 KB
8	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 478	105 KB
7	6sc.co j.6sc.co — Cisco Umbrella Rank: 6055 c.6sc.co — Cisco Umbrella Rank: 8967 ipv6.6sc.co — Cisco Umbrella Rank: 6442 b.6sc.co — Cisco Umbrella Rank: 4373	13 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 9920016.fls.doubleclick.net — Cisco Umbrella Rank: 992268 cm.g.doubleclick.net — Cisco Umbrella Rank: 216	4 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
5	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 413 ib.adnxs.com — Cisco Umbrella Rank: 207	5 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 373 www.linkedin.com — Cisco Umbrella Rank: 592 px4.ads.linkedin.com — Cisco Umbrella Rank: 6336	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3162	7 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2892	12 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 606 script.hotjar.com — Cisco Umbrella Rank: 725 vars.hotjar.com — Cisco Umbrella Rank: 866 in.hotjar.com — Cisco Umbrella Rank: 1650	73 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	181 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	137 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	233 B
3	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 301 insight.adsrvr.org — Cisco Umbrella Rank: 622	672 B
3	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 10998	85 KB
3	affec.tv 2 redirects go.affec.tv — Cisco Umbrella Rank: 5786 map.go.affec.tv — Cisco Umbrella Rank: 6003	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	244 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	1 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 201 cyberark.demdex.net	5 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1665 in.ml314.com — Cisco Umbrella Rank: 9280	12 KB
2	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 5988	259 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	873 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 949 pixel.quantserve.com — Cisco Umbrella Rank: 662	10 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5983	655 B
2	omtrdc.net cyberark.tt.omtrdc.net — Cisco Umbrella Rank: 877739 cyberark.sc.omtrdc.net — Cisco Umbrella Rank: 985781	1 KB
2	gstatic.com fonts.gstatic.com	57 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3035	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	135 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 420	273 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	125 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 712
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	668 B
1	choozle.com cs.choozle.com — Cisco Umbrella Rank: 7424	123 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 870	1 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 820	377 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 675	5 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 30117	2 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 974	517 B
1	mktoresp.com 316-czp-275.mktoresp.com — Cisco Umbrella Rank: 837915	318 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1539	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1403	8 KB
0	engagio.com Failed web-analytics.engagio.com Failed
285	49

	Domain	Requested by
64	js.driftt.com	www.cyberark.com js.driftt.com
28	content.cdntwrk.com	www.cyberark.com content.cdntwrk.com
28	www.cyberark.com	www.cyberark.com content.cdntwrk.com
14	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com www.cyberark.com prefmgr-cookie.truste-svc.net
12	d.adroll.com	8 redirects s.adroll.com
10	consent.trustarc.com	www.cyberark.com consent.trustarc.com
9	fast.wistia.com	www.cyberark.com cihost.uberflip.com fast.wistia.com
9	cihost.uberflip.com	www.cyberark.com cihost.uberflip.com
8	assets.adobedtm.com	www.cyberark.com assets.adobedtm.com
7	s.adroll.com	1 redirects www.googletagmanager.com s.adroll.com d.adroll.com
6	www.google-analytics.com	www.googletagmanager.com www.cyberark.com
5	sjrtp6.marketo.com	sjrtp6-cdn.marketo.com rtp-static.marketo.com
4	b.6sc.co
4	secure.adnxs.com	2 redirects j.6sc.co
4	tags.srv.stackadapt.com	www.cyberark.com tags.srv.stackadapt.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
4	fonts.googleapis.com	www.cyberark.com cihost.uberflip.com
4	cdnjs.cloudflare.com	www.cyberark.com cdnjs.cloudflare.com
3	www.facebook.com
3	embedwistia-a.akamaihd.net	fast.wistia.com
3	connect.facebook.net	www.cyberark.com connect.facebook.net
3	rtp-static.marketo.com	sjrtp6-cdn.marketo.com
2	bootstrap.api.drift.com	js.driftt.com
2	x.bidswitch.net	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	map.go.affec.tv	2 redirects
2	px.ads.linkedin.com	2 redirects
2	9920016.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.de	www.cyberark.com
2	www.google.com	www.cyberark.com
2	dpm.demdex.net	assets.adobedtm.com www.cyberark.com
2	fonts.gstatic.com	fonts.googleapis.com
2	munchkin.marketo.net	www.cyberark.com munchkin.marketo.net
2	ml314.com	www.cyberark.com ml314.com
2	www.googletagmanager.com	www.cyberark.com www.googletagmanager.com
1	pipedream.wistia.com	fast.wistia.com
1	us-u.openx.net
1	ib.adnxs.com
1	ups.analytics.yahoo.com
1	sync.outbrain.com
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	ipv4.d.adroll.com
1	adservice.google.com	9920016.fls.doubleclick.net
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	pixel.quantserve.com
1	cyberark.sc.omtrdc.net	assets.adobedtm.com
1	cs.choozle.com
1	match.adsrvr.org
1	rules.quantcount.com	secure.quantserve.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	go.affec.tv	www.googletagmanager.com
1	secure.quantserve.com	www.cyberark.com
1	j.6sc.co	www.cyberark.com
1	snap.licdn.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	distillery.wistia.com	fast.wistia.com
1	prefmgr-cookie.truste-svc.net	www.cyberark.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	in.hotjar.com	script.hotjar.com
1	cyberark.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	cyberark.demdex.net	assets.adobedtm.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	316-czp-275.mktoresp.com	munchkin.marketo.net
1	alb.reddit.com	www.cyberark.com
1	embed-ssl.wistia.com	www.cyberark.com
1	in.ml314.com	ml314.com
1	www.redditstatic.com	www.cyberark.com
1	static.hotjar.com	www.cyberark.com
1	sjrtp6-cdn.marketo.com	www.cyberark.com
0	web-analytics.engagio.com Failed	www.cyberark.com
285	77

This site contains links to these domains. Also see Links.

Domain
cyberark-customers.force.com
cyberark.com
labs.cyberark.com
careers.cyberark.com
www.conjur.org
docs.cyberark.com
www.facebook.com
twitter.com
www.linkedin.com
www.msi.com
github.com
www.internals.com
web.archive.org
en.wikipedia.org
git.back.engineering
eclypsium.com
lp.cyberark.com
investors.cyberark.com
www.youtube.com

Subject Issuer	Validity	Valid
cyberark.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
content.cdntwrk.com Amazon RSA 2048 M01	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.uberflip.com Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
ml314.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.ml314.com Amazon	`2022-11-16` - `2023-12-14`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
embed-ssl.wistia.com R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.truste-svc.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh
drift.com Amazon	`2022-08-24` - `2023-09-21`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-30` - `2023-01-28`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
affec.tv Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.choozle.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Frame ID: 3A211EC25488B255C2CA416A0DBDA585
Requests: 193 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=cyberark.com
Frame ID: 39326D5EB9BC00546B4537980DC5EEC5
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
Frame ID: 74F1AEDEC122F2AB2B49D3F700000F97
Requests: 1 HTTP requests in this frame

Frame: https://cyberark.demdex.net/dest5.html?d_nsid=0
Frame ID: 39D6AE121602615763CB0C7D00F26EB8
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Frame ID: ABE173B09012F0E6F48EDE6023573815
Requests: 18 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
Frame ID: 80888FA09E3A7551035DC41E6B1036DA
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Frame ID: A9A7B59E3E24A2C20C2347E2264B2D63
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: B75E8C1AA0D22EC46904BA4B352FF8EB
Requests: 1 HTTP requests in this frame

Frame: https://9920016.fls.doubleclick.net/activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Frame ID: 9279985772F74DC8998CF7BF7F1CD80E
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
Frame ID: FB80144B9EF47738179A95426037CA14
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Frame ID: 8AA70A9F6A258A0C78219A7FF901307B
Requests: 31 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
Frame ID: F3A72A51F814A56BADE9F7160F36AC4F
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 421E981604CC69C390C70EC310D38D4A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inglourious Drivers – A Journey of Finding Vulnerabilities in Drivers

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

285
Requests

94 %
HTTPS

34 %
IPv6

49
Domains

77
Subdomains

68
IPs

8
Countries

4990 kB
Transfer

12582 kB
Size

68
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberark-customers.force.com/mplace/s/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://cyberark.com/partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://cyberark.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://labs.cyberark.com/
Title: CyberArk Labs

Search URL Search Domain Scan URL

URL: https://careers.cyberark.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.conjur.org/
Title: Conjur Secrets Manager Open Source

Search URL Search Domain Scan URL

URL: https://cyberark-customers.force.com/s/
Title: Technical Community

Search URL Search Domain Scan URL

URL: https://docs.cyberark.com/
Title: Product Documentation

Search URL Search Domain Scan URL

URL: http://careers.cyberark.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&url=https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&title=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&summary=TL;DR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices,%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20(Razer,%20EVGA,%20MSI,%20AMI).%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&via=CyberArk
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&title=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&summary=TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%2C%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20%28Razer%2C%20EVGA%2C%20MSI%2C%20AMI%29.%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.msi.com/Landing/dragon-center-download
Title: MSI Dragon Center

Search URL Search Domain Scan URL

URL: https://github.com/starofrainnight/winio
Title: WinIO

Search URL Search Domain Scan URL

URL: http://www.internals.com/
Title: www.internals.com

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20160410042019/http:/www.internals.com/
Title: link

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Return-oriented_programming
Title: ROP chain

Search URL Search Domain Scan URL

URL: https://github.com/LibreHardwareMonitor/LibreHardwareMonitor
Title: open-source

Search URL Search Domain Scan URL

URL: https://twitter.com/_xeroxz
Title: _xeroxz

Search URL Search Domain Scan URL

URL: https://git.back.engineering/_xeroxz/msrexec/
Title: msrexec

Search URL Search Domain Scan URL

URL: https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/
Title: https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Check%20out%20what%27s%20happening%20at%20CyberArk%21&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2F&via=CyberArk
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2F&title=English%20%E2%80%93%20CyberArk%20Software%20Inc%27s&summary=Check%20out%20what%27s%20happening%20at%20CyberArk%21
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://lp.cyberark.com/Stay-in-touch.html
Title: Tell Me How

Search URL Search Domain Scan URL

URL: https://cyberark.com/services-support/contact-support/
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://cyberark.com/services-support/professional-services/training-certification/
Title: Training & Certification

Search URL Search Domain Scan URL

URL: https://cyberark.com/customer-support/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://cyberark.com/products/privileged-account-security-solution/endpoint-privilege-manager/endpoint-privilege-manager-software-service/
Title: EPM SaaS Register / Login

Search URL Search Domain Scan URL

URL: https://cyberark.com/product-security/
Title: Product Security

Search URL Search Domain Scan URL

URL: https://cyberark.com/resources
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://cyberark.com/blueprint/
Title: CyberArk Blueprint

Search URL Search Domain Scan URL

URL: https://cyberark.com/discover-privileged-accounts-exist-cyberark-dna/
Title: Scan Your Network

Search URL Search Domain Scan URL

URL: https://cyberark-customers.force.com/partner/s/login/
Title: Partner Community

Search URL Search Domain Scan URL

URL: https://cyberark.com/partner-finder/
Title: Partner Finder

Search URL Search Domain Scan URL

URL: https://cyberark.com/partners/cyberark-partner-network/#become-a-partner
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://cyberark.com/partners/alliance-partners/
Title: Alliance Partner

Search URL Search Domain Scan URL

URL: https://investors.cyberark.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://cyberark.com/company/management-team/
Title: Management Team

Search URL Search Domain Scan URL

URL: https://cyberark.com/company/board-of-directors/
Title: Board of Directors

Search URL Search Domain Scan URL

URL: https://cyberark.com/newsroom/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://cyberark.com/company/#office-locations
Title: Office Locations

Search URL Search Domain Scan URL

URL: https://twitter.com/CyberArk

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CyberArk

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cyber-ark-software

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/cyberarksoftware

Search URL Search Domain Scan URL

URL: https://cyberark.com/terms-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://cyberark.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://cm.everesttech.net/cm/dd?d_uuid=21656947488603019214280704014013884097 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8tPPAAAALVIJANn

Request Chain 156

https://9920016.fls.doubleclick.net/activityi;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers HTTP 302
https://9920016.fls.doubleclick.net/activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Request Chain 166

https://s.adroll.com/j/pre/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 170

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D17906%26time%3D1674268478692%26url%3Dhttps%253A%252F%252Fwww.cyberark.com%252Fresources%252Fthreat-research-blog%252Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&liSync=true&e_ipv6=AQLGzdQY_FO2swAAAYXSLY-IJGJUUeWoWciCktrXsOPnOgZubxWwLU3K1qyhpDDAjTmX6rM

Request Chain 177

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1511778&order_id=%5BORDER_ID%5D&seg=27404672&t=1&value=%5BREVENUE%5D HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1511778%26order_id%3D%255BORDER_ID%255D%26seg%3D27404672%26t%3D1%26value%3D%255BREVENUE%255D

Request Chain 178

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D63cb4f3e245da600012d0a5a%26chc%3Daf%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D%26redirect_url%3D HTTP 302
https://map.go.affec.tv/map/an/3128115332636874623?ch=63cb4f3e245da600012d0a5a&chc=af&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&redirect_url= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63cb4f3e245da600012d0a5a&chc=af%7Can&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&redirect_url=

Request Chain 190

https://d.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/UF4T22HPEREY5HIKIANYD3.js

Request Chain 192

https://insight.adsrvr.org/tags/0v1kpom/u9beit9/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe

Request Chain 200

https://d.adroll.com/cm/g/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=twtnsCQCF_HVPdk_sVRjSw HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 201

https://d.adroll.com/cm/x,b,index,l,o,outbrain,pubmatic,n,taboola,triplelift,r/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=

Request Chain 202

https://d.adroll.com/cm/r/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 203

https://d.adroll.com/cm/b/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI

Request Chain 204

https://d.adroll.com/cm/x/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI

Request Chain 206

https://d.adroll.com/cm/o/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=b70b67b0240217f1d53dd93fb154634b&gdpr=1&gdpr_consent=

Request Chain 207

https://d.adroll.com/cm/g/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=twtnsCQCF_HVPdk_sVRjSw HTTP 302
https://d.adroll.com/cm/g/in

285 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers Show response
www.cyberark.com/resources/threat-research-blog/ 277 KB
53 KB 370ms
277ms Document
text/html 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24722df55f91d8e7328775aef459d5a69662d085cffa6a17341edbf0254c2a7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.cyberark.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 78cca6d02c932c3d-FRA
content-encoding: gzip
content-language: en
content-security-policy: frame-ancestors 'self' https://www.cyberark.com/;
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 02:34:35 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 lato.css
content.cdntwrk.com/css/google-fonts/ 6 KB
933 B 156ms
40ms Stylesheet
text/css 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/google-fonts/lato.css?v=075928935a99
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88b4bd1c3c8e9af6516b562e9679955ff48479ee6a5771e97ef425d1c5425e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:06:44 GMT
content-encoding: gzip
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 289671
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Jan 2023 18:04:44 GMT
server: AmazonS3
etag: W/"37291223d8c6a87c6435a8740e28f134"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 74fJ-V_14GuLbeW82bhnd3qA68-w1yDhq789ZrMQXYjqUCm-v64qWA==

GET
H2 200 hubs.c2e7f618985911ea7708.css
content.cdntwrk.com/css/hubs/ 262 KB
44 KB 162ms
46ms Stylesheet
text/css 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/css/hubs/hubs.c2e7f618985911ea7708.css
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19871f24c2b42833f98f404c3f404c0cbc99f02c70e590303e9f269948d2a056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:07:09 GMT
content-encoding: gzip
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 289647
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Jan 2023 18:04:44 GMT
server: AmazonS3
etag: W/"b09f031ad46988d7d0c89e35980f0bec"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: w_6DLDQf-Y3F54YYTcv1w2VRLFNaixIjQLUTXAwSvjKv7b-A7mtHHw==

GET
H2 200 en.css
cihost.uberflip.com/cyberArk/master/build/en/ 512 KB
76 KB 170ms
40ms Stylesheet
text/css 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 272a132751b16a1ce104fd0f7de7a260ea51361ba0bb2fee6b858977b87ff15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:16:38 GMT
content-encoding: gzip
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Tue, 20 Dec 2022 07:34:58 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1671521693/ctime:1671521693/gid:123/gname:docker/md5:04dbd445ef6520d078a937d8efa971f9/mode:33188/mtime:1671521693/uid:1001/uname:runner
x-amz-cf-pop: FRA56-C1
age: 5318
etag: W/"04dbd445ef6520d078a937d8efa971f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: tYf8wciejTsXFl_y1hegXfIsIK1UzUDPVFk__2iBHV839hmrPS1bYw==

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/ 46 KB
9 KB 129ms
46ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 716490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8281
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-b752"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvOe4TNr%2F1kJvP2PixktRESmLGyM3DuBsNWIIRaosxz88%2FDWmByxl%2BI2StNlzcUSSh%2BL7JS2vVQSvzTcZmlo9QK4xzlXSSYdRLazKi60mRoutb%2FQbnSWPOMESCX47pp6KPy%2BtHp%2F8KHV%2BDjEl7yf1Hyt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78cca6d27af12bae-FRA
expires: Thu, 11 Jan 2024 02:34:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
756 B 202ms
75ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400&display=swap

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41164ecc4643a94f1881912ddca649032a58a93bce844370c8e6369dbf246d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 01:10:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Jan 2023 02:34:35 GMT

GET
H2 200 enlighterjs.min.css
www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/ 78 KB
9 KB 61ms
60ms Stylesheet
text/css 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/enlighterjs.min.css?ver=5.4.2

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef8a267de455c3a72237bf7db0c97c97e35e52452ff9ece15876d0d60f9c0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 31 Aug 2020 16:20:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456584
etag: W/"5f4d2349-13634"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d1edbf2c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 enlighterjs.min.js Show response
www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/ 57 KB
17 KB 55ms
54ms Script
application/javascript 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/wp-content/themes/understrap-child/includes/enlighter/enlighterjs.min.js?ver=5.4.2

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a117f36dba1eb2100f340bb68f3cc4d4c04d50d8a1d61c36a5d0a682aed9d362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 31 Aug 2020 16:20:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456584
etag: W/"5f4d2349-e307"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d1edc22c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 200ms
74ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Mono&display=swap

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a666e79762f97b3af716f2544db7f005cc15d9011f1785129d331afec795b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 00:40:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Jan 2023 02:34:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
92 KB 151ms
61ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bef3f52ec80a7a2cab79fadfca88294e4d11ffc66e70e2ca700ef91ee5243d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93382
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Jan 2023 02:34:35 GMT

GET
H2 200 launch-e8e6adf0fe30.min.js Show response
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/ 297 KB
88 KB 313ms
59ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8605ba9973ec0ff450733faf2d77e8e07fa354bc4c0f6aff6c41c5e4c25835bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:24:06 GMT
server: AkamaiNetStorage
etag: "e79abf2aca255f9494826b6e1a167f68:1661801046.765405"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 89686
expires: Sat, 21 Jan 2023 03:34:35 GMT

GET
H2 200 logo.svg
cihost.uberflip.com/cyberArk/OB-8671/build/assets/ 14 KB
5 KB 49ms
38ms Image
image/svg+xml 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cihost.uberflip.com/cyberArk/OB-8671/build/assets/logo.svg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 952f35790a58d6c58cd01db0b7994f8b1e3f2d4328f8dd2ed423c01579d403c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 06:33:31 GMT
content-encoding: gzip
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 14:33:49 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1670855619/ctime:1670855619/gid:123/gname:docker/md5:f86c6ef84b83b048b2a5521fb36ab761/mode:33188/mtime:1670855619/uid:1001/uname:runner
x-amz-cf-pop: FRA56-C1
age: 75124
etag: W/"f86c6ef84b83b048b2a5521fb36ab761"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: _PqvwHZB9Vws5vidB5qyC2SCQPh42PJwbNkr7PuP-_xN6PoGVwrWeQ==

GET
H2 200 WhyCA_Menu-LeftHandCallOut.png
www.cyberark.com/wp-content/uploads/2021/02/ 25 KB
26 KB 61ms
50ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2021/02/WhyCA_Menu-LeftHandCallOut.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96b944dbdb9c2afcdecae184e3bdc4717c30dc4f5d4624cfd1727461d6569fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1456583
cf-polished: origFmt=png, origSize=39669
content-disposition: inline; filename="WhyCA_Menu-LeftHandCallOut.webp"
content-length: 25958
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Feb 2021 20:17:47 GMT
server: cloudflare
etag: "6019b36b-9af5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d51fce2c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 Assets-Icons-Industries-Medical.png
www.cyberark.com/wp-content/uploads/2020/12/ 362 B
574 B 74ms
64ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2020/12/Assets-Icons-Industries-Medical.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6098f9e4e64f667bc006876813632d5ac79ac56e5284a95c9c821870907cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 721656
cf-polished: origFmt=png, origSize=997
content-disposition: inline; filename="Assets-Icons-Industries-Medical.webp"
content-length: 362
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Dec 2020 22:10:13 GMT
server: cloudflare
etag: "5fe3c045-3e5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d51fd02c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 Products_Menu-LeftHandCallOut.png
www.cyberark.com/wp-content/uploads/2021/02/ 15 KB
15 KB 70ms
60ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2021/02/Products_Menu-LeftHandCallOut.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08330120c6d9d4407fd599bae49187289878c557ed68e58d0e091fd5e1ac6c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1463524
cf-polished: origFmt=png, origSize=22261
content-disposition: inline; filename="Products_Menu-LeftHandCallOut.webp"
content-length: 15210
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Feb 2021 20:10:12 GMT
server: cloudflare
etag: "6019b1a4-56f5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d51fd12c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 Privilege.svg
www.cyberark.com/wp-content/uploads//2021/02/ 3 KB
1 KB 68ms
57ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/Privilege.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0e7a4bdf115afb8e8c5b9b671b0dc4441236f8cf56906d146b7d46a0ee14a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 20:54:15 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1463522
etag: W/"6019bbf7-c52"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d51fd22c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 Access.svg
www.cyberark.com/wp-content/uploads//2021/02/ 5 KB
2 KB 66ms
56ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/Access.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e7fd76994e9fe7f19af8a2234efc259debc6e67de4ae8bf2f0e7471132bd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:31:38 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1463522
etag: W/"6019c4ba-12ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d51fd32c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 DevSecOps.svg
www.cyberark.com/wp-content/uploads//2021/02/ 6 KB
2 KB 73ms
63ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/DevSecOps.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b7152c2708e116677591b018f23ed2910c747e932f8985b704f1884d807990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:31:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456583
etag: W/"6019c4b3-185c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d52fd42c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 finance.svg
www.cyberark.com/wp-content/uploads//2021/02/ 7 KB
3 KB 68ms
58ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/finance.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234f5e6b36c41a209c87e64949d11927b6360603b94ce3511c53df5bac0f4c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:33:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456583
etag: W/"6019c52e-1a41"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d52fd62c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 insurance.svg
www.cyberark.com/wp-content/uploads//2021/02/ 3 KB
1 KB 74ms
64ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/insurance.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e70999bd0ed2afbb2967ca63898c752fc3e66ba8a86a4ac341723be85bb7319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:34:37 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456583
etag: W/"6019c56d-c9f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d52fd72c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 healthcare.svg
www.cyberark.com/wp-content/uploads//2021/02/ 4 KB
2 KB 66ms
57ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/healthcare.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a654dbffdb656aacce15df139a6d2701ccae809fe7baab1ec042714bb6336eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:34:01 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456583
etag: W/"6019c549-10bb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d52fd92c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 government.svg
www.cyberark.com/wp-content/uploads//2021/02/ 2 KB
1016 B 68ms
58ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads//2021/02/government.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634358d77171f485bb1738fce1bf1e715e2cd0a94b2c4f3d5c6dafccd0d1031a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 21:34:22 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1301532
etag: W/"6019c55e-881"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d52fda2c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 Nav-Image-ServicesSupport-e1609108892195.png
www.cyberark.com/wp-content/uploads/2020/12/ 21 KB
21 KB 110ms
100ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2020/12/Nav-Image-ServicesSupport-e1609108892195.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ba3a74eb74823f80c522391734fdeafebfbd2f284167568ad17e7d44b1618e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1463524
cf-polished: origFmt=png, origSize=36292
content-disposition: inline; filename="Nav-Image-ServicesSupport-e1609108892195.webp"
content-length: 21460
cf-bgj: imgq:85,h2pri
last-modified: Sun, 27 Dec 2020 22:41:32 GMT
server: cloudflare
etag: "5fe90d9c-8dc4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d55ffd2c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 TryBuy_Menu-LeftHandCallOut.png
www.cyberark.com/wp-content/uploads/2021/02/ 26 KB
26 KB 102ms
93ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2021/02/TryBuy_Menu-LeftHandCallOut.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aab45b2e3226eb83ceed37f3f622529d0a6ca0a82d8dd9a4d1fb8e46ba84f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1463523
cf-polished: origFmt=png, origSize=39090
content-disposition: inline; filename="TryBuy_Menu-LeftHandCallOut.webp"
content-length: 26540
cf-bgj: imgq:85,h2pri
last-modified: Tue, 02 Feb 2021 20:19:11 GMT
server: cloudflare
etag: "6019b3bf-98b2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d55ffe2c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 Icons-Globe@2x.png
www.cyberark.com/wp-content/uploads/2020/12/ 456 B
612 B 97ms
88ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2020/12/Icons-Globe@2x.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45aca110620ac12009925cac1e38aa4e71426a2b83ee7f356010069b45539d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1456583
cf-polished: origFmt=png, origSize=1147
content-disposition: inline; filename="Icons-Globe@2x.webp"
content-length: 456
cf-bgj: imgq:85,h2pri
last-modified: Wed, 30 Dec 2020 23:04:11 GMT
server: cloudflare
etag: "5fed076b-47b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d55fff2c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H3 200 ajax-loader-white-2x.gif
content.cdntwrk.com/img/hubs/ 3 KB
3 KB 51ms
44ms Image
image/gif 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/ajax-loader-white-2x.gif?v=19a554b579c4
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 01:23:33 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age: 436263
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2707
last-modified: Mon, 09 Jan 2023 18:32:03 GMT
server: AmazonS3
etag: "5217392f882b27d35ec2e72946f2df7e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: q2uZuPeKkI7NnyFjCKB0Giu1ra6a97FYf6y1EU_ygpQRZA2R1-tDuA==

GET
H3 200 chevron-down-64x64.png
content.cdntwrk.com/img/hubs/ 760 B
1 KB 51ms
44ms Image
image/png 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/chevron-down-64x64.png?v=78668873251b
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 10:15:21 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age: 404355
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 760
last-modified: Mon, 09 Jan 2023 18:32:03 GMT
server: AmazonS3
etag: "26818bdf0706c780af4a52b44ea17fdc"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ebhsLPPwPhOAaBvlZf5S5b7jJ9pmTYySb-VMmfOCKL95rwnpbGpyKQ==

GET
H2 200 swatch
fast.wistia.com/embed/medias/mjfsbkj4sq/ 3 KB
4 KB 143ms
41ms Image
image/jpeg 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/mjfsbkj4sq/swatch

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4a2f7df63f5cb2b8b32c273ccb004e43c93664c1e4b756b197c63097b7ce4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
access-control-request-method: *
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 39797
x-cache: HIT, HIT
content-disposition: inline
content-length: 3416
x-served-by: cache-iad-kiad7000034-IAD, cache-hhn-etou8220078-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 13:50:31 UTC
x-timer: S1674268476.796687,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31530071
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 1

GET
H3 200 mediaproxy
content.cdntwrk.com/ 37 KB
38 KB 58ms
51ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2023%2F01%2Fhero-tr-hand-microchip.jpg&size=1&version=1674145074&sig=29eddfd5c99c6b5900eaded6a18460c6&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: f73f8c2ad1c0b7ae96c7bed8ee3000fdf24312456ffa6195c587941ddcc85939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:26:37 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 16:26:28 GMT
age: 122877
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="hero-tr-hand-microchip.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: yfX_nvs5wS6p0bnN7TOjXkrFBCwbswiktUpBd50UJzlFP63FcPmziw==
content-length: 38148

GET
H3 200 mediaproxy
content.cdntwrk.com/ 23 KB
23 KB 67ms
61ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F12%2Fthreat-research-blog-hero.jpeg&size=1&version=1674146217&sig=81a1f74036223d1c6cf10cda4f2f5dcb&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: c31420493d6eb30dc84e63c79a997a5caeafdde0574b0a342c415bfd627b2d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:37:32 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 16:37:22 GMT
age: 122223
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="threat-research-blog-hero.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -LOozc-a9MH1MfQMez5S4rFkbhdXzXWJPEeYZABYgmoKKwXBMxdohg==
content-length: 23680

GET
H3 200 mediaproxy
content.cdntwrk.com/ 59 KB
59 KB 59ms
53ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F12%2Fthreat-research-hero.jpeg&size=1&version=1674146398&sig=97b392d160d69be4d818b27279e4cb24&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 1aa7996197b13bddd9d45a179b5943219fb646007061d4b9209bdbd8c9aea142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:42:37 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 16:42:27 GMT
age: 121918
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="threat-research-hero.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4aj9xxy7k83q-I6kU4sfv6e_web5FKIvPoOglHksWIveLNqJgZL0GQ==
content-length: 60020

GET
H3 200 mediaproxy
content.cdntwrk.com/ 48 KB
49 KB 69ms
62ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F11%2Fthreat-research-hero.jpg&size=1&version=1670613376&sig=d21da66a3eb1d4874189b403079aaebd&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b7012dcb12ee2f3b165215c4766a7d393c8ca3e3da7a0621f4de062769ccf60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 05:10:46 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Sat, 07 Jan 2023 05:10:37 GMT
age: 1200228
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="threat-research-hero.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QY6Rf0k_4D9dBG7zDFC4ZWMBcwiWvkzN-Xp08VDlo3ofiNCe2Hs4hA==
content-length: 49376

GET
H3 200 mediaproxy
content.cdntwrk.com/ 39 KB
39 KB 95ms
88ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F10%2FDragon-hero-trb.jpg&size=1&version=1670613376&sig=432f1ffb8d03b829e7fcfa71c6e490c8&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: bce0acb7f0d34254c36e6e863f5709da68f3f40b5cccbe82488ff3fb20520998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:46:44 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 05:46:34 GMT
age: 247671
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="Dragon-hero-trb.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LZr6VpQ47l_r_pqYBdglsjqQoEpfkNnblasUJzyqs4Q23syp_WvTHw==
content-length: 39974

GET
H3 200 mediaproxy
content.cdntwrk.com/ 17 KB
17 KB 60ms
53ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F09%2FAdobeStock_191432286.jpeg&size=1&version=1670613376&sig=19cc1a58ebc5938bfbd896c018d4cb98&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 1949ac2a3a7c887bead8687abd67fb1a33289922d0d7b081c797353d1cba540b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 07:27:35 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 07:27:25 GMT
age: 1019220
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="AdobeStock_191432286.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RuVtNQ6hFRnAn7kbgr0wczOLgpsSBH4f3POgTaFP0G1LKRLNr6y-WQ==
content-length: 17118

GET
H3 200 mediaproxy
content.cdntwrk.com/ 33 KB
33 KB 97ms
90ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fcontainer.jpeg&size=1&version=1670613376&sig=b36db7d2f31496cfee0550bc4ebe1793&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 1fd56a753d2fc5aa18fc391ad597ad008c5c5a3c1af0c9c55e9294271ce4bc95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 01:27:10 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Wed, 14 Dec 2022 01:27:01 GMT
age: 3287244
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="container.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xduCTPxcTK9F6EZdNYMxV9ssyPw172ax-VGfoDwKXgatWftEjhwT5g==
content-length: 33500

GET
H3 200 mediaproxy
content.cdntwrk.com/ 13 KB
14 KB 60ms
54ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F08%2Fhero-blog.jpeg&size=1&version=1670613376&sig=2af7e65a9a465d506a4f34fb1ae928ba&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 76b378075dc07b1caa45424756cca2440fda08f8276c814effd5c738409fa06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:01:59 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 03:01:49 GMT
age: 3454356
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="hero-blog.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tgIfIJ89DJVBeBEWH0kGcg0Sl-y4iIj9ol2iW0HENru5sh3lxq-L2Q==
content-length: 13544

GET
H3 200 mediaproxy
content.cdntwrk.com/ 48 KB
49 KB 97ms
91ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F07%2Floader.jpeg&size=1&version=1670613375&sig=465976de8debf0c786a8a48f767fe26c&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 25037e6b7c282bb93eb40d6af413e84acd76dd8a264ccfae5f71d910eb5a1035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 10:56:04 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Sun, 25 Dec 2022 10:55:54 GMT
age: 2302711
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="loader.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 61hZarg5tZ-d2liHULvVKMpTN2o6pIxcBiiCc_hsSyfy6PYLR8SowA==
content-length: 49656

GET
H3 200 mediaproxy
content.cdntwrk.com/ 12 KB
12 KB 96ms
90ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F06%2Fdrain-pipe.jpeg&size=1&version=1670613376&sig=35e981a68198dea01794a954f97b76b0&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: c4075c29ce6b37940eff3682e883612aabc2b78e8ccfa4b9af84b9a90e4a7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 11:47:12 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 11:47:02 GMT
age: 1608443
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="drain-pipe.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bbNkwSu4FQ0XDWIiFpHQ05w9A-bjHy36WpxRNMGVFxxAwW4M5eRhDw==
content-length: 12466

GET
H3 200 mediaproxy
content.cdntwrk.com/ 12 KB
13 KB 67ms
61ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F05%2FBlue-1-header-image.png&size=1&version=1670613375&sig=255ce2ad9154b89ab98126090e0d97cb&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: cd2f6642d9c618ac73dedc1b90c09f5d8d2652130b858758afa695b96400597c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 02:32:02 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 02:31:52 GMT
age: 432153
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="Blue-1-header-image.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ixwb3IlQx120I9CwU01xKvz0007jMPBJY2TNmdgb9xdzLgpf7KdQ7g==
content-length: 12768

GET
H3 200 mediaproxy
content.cdntwrk.com/ 36 KB
36 KB 60ms
54ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F05%2Fneedle-haystack.png&size=1&version=1670613375&sig=40d390bfea367aadb378fef04efdc0e8&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 860b18e91a3582792f23c9b2c9dbd64036c5545777e8bdbb81e6e76d2a926e4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:01:59 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 03:01:50 GMT
age: 3454355
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="needle-haystack.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5Cuf-L9FoE1IbCSuCFhC5g-Q_ZMKBz0nyGP6zQN9EOj-OV-Lsliz1A==
content-length: 36738

GET
H3 200 mediaproxy
content.cdntwrk.com/ 24 KB
25 KB 60ms
54ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F05%2Fbug-driver-hero.jpg&size=1&version=1670613375&sig=ae6c24e080650ef56ef0af9eb3f80d3a&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: f8798515190cb314410c765a8b22859988890100550865fcea07aaa000cc3608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 01:53:35 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Sun, 15 Jan 2023 01:53:26 GMT
age: 520859
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="bug-driver-hero.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LYZZ22YUI-bzmsEg_FNK120D6JHUEamNf5jHpNpB9NMTeszmDCC7-w==
content-length: 24974

GET
H3 200 mediaproxy
content.cdntwrk.com/ 33 KB
33 KB 95ms
89ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F03%2FConti-Group-Leak.png&size=1&version=1670613376&sig=1b3adc1aaf28b85f9b637ec85ea97415&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 7017acd2219db2073793fed0fe5cc1c96ae4f1883e9abebf4e0cfaf73474843c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:11:06 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jan 2023 01:10:56 GMT
age: 955409
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="Conti-Group-Leak.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fjwRUJgHzBjyIY2Yrw1iv6E46q_hyIP2iUzJEFzJyTIf9du28JAuMA==
content-length: 33882

GET
H3 200 mediaproxy
content.cdntwrk.com/ 13 KB
13 KB 67ms
62ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F02%2FDocker-1.png&size=1&version=1670613375&sig=47ed246d23af360cdc08cfa4500d67ac&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 8d2d9ec1ad59ec589ca38cad46c0c16cd28329394e5928aea4e0f73dab2f3d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 05:49:45 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Mon, 26 Dec 2022 05:49:35 GMT
age: 2234690
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="Docker-1.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MAzLEBa4yLWqXbITK0RIf0y_jWK9UoJ3jnPKqbO6WiTUFFX_KfbP2Q==
content-length: 12896

GET
H3 200 mediaproxy
content.cdntwrk.com/ 24 KB
25 KB 52ms
46ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F02%2FPolkit-Threat-Research.jpg&size=1&version=1665679078&sig=0a32d186968f546471cbbeed8bbf650f&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 59a6841161dd1701535e2664d512b449cdff28e6217f933f2e051700d237a7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:16:35 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 06:16:25 GMT
age: 245880
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="Polkit-Threat-Research.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1tzJtfJroQAiV-RQKq2_8Q7OJmxMMxaxCzfdXtPKqwevZuDe3YZZwA==
content-length: 25014

GET
H3 200 mediaproxy
content.cdntwrk.com/ 47 KB
47 KB 66ms
60ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F01%2Fanalyzing-malware-featured-image-hook.png&size=1&version=1670613375&sig=86b34bcfb5b785f9e20e67d6865664a0&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: 5d7d0628ed102d5bb2818efefd0635a8bb89281c58c0b6cd0b21ca1dd8b2c4d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:11:06 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Tue, 10 Jan 2023 01:10:56 GMT
age: 955409
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="analyzing-malware-featured-image-hook.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aYWT4x7jV8XEeuXDuwTF1RYPZ4FsHoyriQjaYo1wdqtQmKElgbuIXA==
content-length: 47764

GET
H3 200 mediaproxy
content.cdntwrk.com/ 33 KB
33 KB 57ms
52ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2022%2F01%2Ftsk-hero.jpeg&size=1&version=1670613376&sig=6138d116245a3c888c895abb62133b9d&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: aaa5f0de6b862cd28ade79a2cf7dfb8c698695282e6045de51e0fb90cbb9e79d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 04:31:15 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jan 2023 04:31:06 GMT
age: 338599
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="tsk-hero.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rTdZMCR-fiQ38zGPVxWu-SPTAj_LFXNbOKnjqNv3mnJoG1z--sqdfQ==
content-length: 33372

GET
H3 200 mediaproxy
content.cdntwrk.com/ 53 KB
53 KB 56ms
51ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2021%2F12%2Fdont-trust-hero.jpg&size=1&version=1665679078&sig=9322afa97c0bf89fe62d5f1f5c6bac21&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: a966b18676fb1cebffcfc36906e05cb7935d4d1fe3ce5f7ec55bec4cb362b12e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 07:49:44 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Tue, 13 Dec 2022 07:49:35 GMT
age: 3350690
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="dont-trust-hero.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: U5zRNCPp_z1pltExttVYqU4a3UACU1chpNIJQkIpLIJzAvSDyxg5bw==
content-length: 54152

GET
H3 200 mediaproxy
content.cdntwrk.com/ 8 KB
9 KB 56ms
51ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fwww.cyberark.com%2Fwp-content%2Fuploads%2F2021%2F11%2Fhook-heaps-featured-img.png&size=1&version=1670613376&sig=d411777169a6ffff8978e0e7d70fba57&default=hubs%2Ftilebg-blogs.jpg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: ef7f5c02f0efac90424d1d90d6a3a926124b80a2d7cc3f8561c36725b29f8615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:21:39 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 08:21:29 GMT
age: 1361576
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=1234567890
content-disposition: inline; filename="hook-heaps-featured-img.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6HTx2UQ3DwgVwgT491Q6N5lEFsPJcJ90kKbGztOK37N8iRrLI2P_MQ==
content-length: 8562

GET
H2 200 email-decode.min.js Show response
www.cyberark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
791 B 42ms
41ms Script
application/javascript 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 13 Jan 2023 23:34:08 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63c1ea70-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 78cca6d33e8a2c3d-FRA
expires: Mon, 23 Jan 2023 02:34:35 GMT

GET
H2 200 hubs_app.c2e7f618985911ea7708.js Show response
content.cdntwrk.com/js/hubs/ 1 MB
311 KB 46ms
45ms Script
application/javascript 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83c24cdc38d0e64c40ade6b6fe8aa3d935b7bb9daa553242aeb78b0a9a187fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:07:09 GMT
content-encoding: gzip
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 289647
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Jan 2023 18:04:54 GMT
server: AmazonS3
etag: W/"b734f33df5c46905bf341179a26a7ad3"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: P3unSushnTMqIfiaW-OR_FTm23Hjqa4AXhKXSbq925TEYV4JXQ7tyA==

GET
H2 200 en.bundle.js Show response
cihost.uberflip.com/cyberArk/master/build/en/ 298 KB
71 KB 41ms
41ms Script
text/javascript 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.bundle.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68ce765660c81dbd7a18f42d7d41480f695a345e7ea9581b6acfa9ba3339c657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 03:13:19 GMT
content-encoding: gzip
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Tue, 20 Dec 2022 07:34:57 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1671521693/ctime:1671521693/gid:123/gname:docker/md5:f517090f1bd645eccc462cc4b77e5bb0/mode:33188/mtime:1671521693/uid:1001/uname:runner
x-amz-cf-pop: FRA56-C1
age: 84077
etag: W/"f517090f1bd645eccc462cc4b77e5bb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: fvCJZkUH6oPJ8hWjKVbEpLCSWZyMCA5rDyBqWEtIT44evmT_RN7HsA==

GET
H3 200 sha256.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/ 9 KB
4 KB 88ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2154434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2977
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-2339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw58doLE6mHBgbuQXfxfjlih5Rjp7K4tMykW8GhaUcGAHdMnlh8KHZtVgvEGKc4p34NN1s2oKe4t6XHqq8LR8pTenTIqpbuWmxxXSHNHENlR53ktw9XgCYgai5DKEzfiQqNi8z2GISadkdrd1xsgmsYo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78cca6d4eeb79016-FRA
expires: Thu, 11 Jan 2024 02:34:35 GMT

GET
H2 200 External.svg
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/ 2 KB
1 KB 45ms
40ms Image
image/svg+xml 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/External.svg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49bdaf43b043fdd5e79f321a889502b341e83fb3d71caa9ec286369bcb205373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 04:26:58 GMT
content-encoding: gzip
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jan 2021 17:35:02 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1611941654/ctime:1611941654/gid:117/gname:docker/md5:cd7c2cec63b67d7f1108cb091b478569/mode:33188/mtime:1611941654/uid:1001/uname:runner
x-amz-cf-pop: FRA56-C1
age: 79721
etag: W/"cd7c2cec63b67d7f1108cb091b478569"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: wHof-oms3kmIutwlRHKQqQEcddMBzq1HjW2rv-560M80FA8E0rZ3bg==

GET
H2 200 External-darkblue.svg
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/ 952 B
1 KB 45ms
40ms Image
image/svg+xml 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/images/External-darkblue.svg
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f150486021d4182821249f13273a7a87862756e2b021e3d19121aaae6a2e09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 06:33:31 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jan 2021 20:02:50 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1611950517/ctime:1611950517/gid:117/gname:docker/md5:98bf2668c3bae975ce6b211e1acc322f/mode:33188/mtime:1611950517/uid:1001/uname:runner
x-amz-cf-pop: FRA56-C1
age: 74250
etag: "98bf2668c3bae975ce6b211e1acc322f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 952
x-amz-cf-id: cIRK7Qwkviwh1UpDyAAVTJWei2T3wJ6ltFHc_5NJdtA_qOsRw-7DVA==

GET
H2 200 cyberark-logo-dark.svg
www.cyberark.com/wp-content/uploads/2021/01/ 4 KB
2 KB 100ms
96ms Image
image/svg+xml 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2021/01/cyberark-logo-dark.svg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e2f25233ffe02ea0a70301e7440e6371d8943ca3f759b1d128b590e7e9419b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 25 Jun 2021 13:14:28 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1456583
etag: W/"60d5d6b4-f6a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78cca6d558002c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
890 B 76ms
75ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 01:46:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Jan 2023 02:34:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 669 KB
179 KB 117ms
117ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;500;700;900&display=swap

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4edf0ada23eca10e2faf4439d6e230c01298e29fe968cf900110ffcf85293335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 02:34:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Jan 2023 02:34:35 GMT

GET
H2 200 ajax_ping Show response
www.cyberark.com/resources/hubsFront/ 49 B
320 B 172ms
172ms XHR
application/json 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/resources/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.cyberark.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-security-policy: frame-ancestors 'self' https://www.cyberark.com/;
referrer-policy: unsafe-url
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-frame-options: DENY
content-type: application/json
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en
cf-ray: 78cca6d5a82e2c3d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 stats_temp_item_680845100xb1255b83e730fbc50110a2950c62ee5b175b373b20fc27d9a010d5571a9598d11674268475d67acbe3755355f7d175734a7fe3ee4d86dcc20f236439885fada1165cf7b8ae
www.cyberark.com/resources/hubsFront/signalMetricsTemp/ 0
203 B 189ms
189ms Image
text/html 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/resources/hubsFront/signalMetricsTemp/stats_temp_item_680845100xb1255b83e730fbc50110a2950c62ee5b175b373b20fc27d9a010d5571a9598d11674268475d67acbe3755355f7d175734a7fe3ee4d86dcc20f236439885fada1165cf7b8ae?t=1674268475819

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.cyberark.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-security-policy: frame-ancestors 'self' https://www.cyberark.com/;
referrer-policy: unsafe-url
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-frame-options: DENY
content-type: text/html; charset=UTF-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en
cf-ray: 78cca6d5f8652c3d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 136ms
41ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?210
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:50:26 GMT
content-encoding: br
age: 2649
x-guploader-uploadid: ADPycdunX7bTwt_pZE4SCaD35YHS3zRtKSV-9WOyCz9lG7GtGFkYetcayOUWYYAaObVXj2HOOjmLseEiAUbogECDezU-PmU1kTms
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10465
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 262ms
40ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 mjfsbkj4sq.jsonp Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 124ms
123ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/mjfsbkj4sq.jsonp

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c36238e5b009180cc921c5ba2ff09f131309a6d81eddb7ee4d882c79f75f48d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-player-privacy-mode: 1
x-permitted-cross-domain-policies: none
via: 1.1 varnish, 1.1 varnish
age: 36323
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1602
x-request-id: 96769375badb637f7e4d3be81dba8b5a
x-served-by: cache-iad-kcgs7200142-IAD, cache-hhn-etou8220078-HHN
x-runtime: 0.065233
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 109
x-timer: S1674268476.858629,VS0,VE1
etag: W/"c36238e5b009180cc921c5ba2ff09f13"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 629 KB
114 KB 40ms
40ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dffa6e6a38300a852e2aa4560d19701e2daf9fafaf5efb7d20297712c8d1a013

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2348
x-cache: HIT, HIT
content-length: 116740
x-served-by: cache-iad-kiad7000159-IAD, cache-hhn-etou8220078-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 20:54:20 GMT
x-timer: S1674268476.858617,VS0,VE0
etag: "63caff7c-1c804"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 121

GET
H3 200 sprite-1x.png
content.cdntwrk.com/img/hubs/ 59 KB
59 KB 42ms
41ms Image
image/png 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/sprite-1x.png
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.c2e7f618985911ea7708.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.cdntwrk.com/css/hubs/hubs.c2e7f618985911ea7708.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 00:10:47 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age: 15003
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 60511
last-modified: Mon, 09 Jan 2023 18:32:03 GMT
server: AmazonS3
etag: "9e7227669aa01cd19bcc27e802668929"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: uizMiv_BExl-T6icA8dqEMX7uMhRVbb0Biv3e5uOeaOrrZQTSIQlSg==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 uparrow.png
content.cdntwrk.com/img/hubs/ 194 B
502 B 41ms
40ms Image
image/png 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/img/hubs/uparrow.png
Requested by: Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/css/hubs/hubs.c2e7f618985911ea7708.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.cdntwrk.com/css/hubs/hubs.c2e7f618985911ea7708.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 06:47:08 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age: 330448
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 194
last-modified: Mon, 09 Jan 2023 18:32:04 GMT
server: AmazonS3
etag: "e5bbd7205c8f2ff1cd6c9f777f31da64"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 8jB5NmCl_OHjAQLNIJjN50dh5udLm7mmwBUB46IB0OR47YdXJnTfSA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 180ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 18:50:55 GMT
x-content-type-options: nosniff
age: 373421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:50:55 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/ 61 KB
61 KB 48ms
45ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62738b62849a46842f34013b8528886f10c8d0e1c9aec47d636e05d631e2f60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 113063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62472
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-f408"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie%2BRn27UDxjo6uWr2Hep0JLtbgPKN24belWJ6EPQzc6Z6zlKC509wn8DcPyFImCPx9h9NzgNk%2By0LvGqvGfwD%2Ba4IdCytTgkqgjlD%2FcvnpSEy2YjgJz4sU2%2BfaOhGMAFCcQkVHaEWJQsy%2B1YvHZx24D7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78cca6d63e372bae-FRA
expires: Thu, 11 Jan 2024 02:34:35 GMT

GET
H2 200 372722_2_unhinted_0.woff2
cihost.uberflip.com/cyberArk/OB-3963/build/fonts/ 25 KB
26 KB 132ms
47ms Font
binary/octet-stream 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/cyberArk/OB-3963/build/fonts/372722_2_unhinted_0.woff2
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f5f9d511700318e988d3ef843afc49224162c8bb2435db7b9dc3590f525306f

Request headers

Referer: https://www.cyberark.com/
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:06:58 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 77258
x-cache: Hit from cloudfront
content-length: 26033
last-modified: Wed, 27 May 2020 16:17:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1590596208/ctime:1590596208/gid:116/gname:docker/md5:83914a011477cb60998949144e2ac5aa/mode:33188/mtime:1590596208/uid:1001/uname:runner
etag: "83914a011477cb60998949144e2ac5aa"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: _HKdylZl8ULKxeQL2MYWlCrOHGFjRMm3CLYB232qQrrQlbkfjmvVSA==

GET
H2 200 372722_4_unhinted_0.woff2
cihost.uberflip.com/cyberArk/OB-3963/build/fonts/ 25 KB
25 KB 132ms
47ms Font
binary/octet-stream 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/cyberArk/OB-3963/build/fonts/372722_4_unhinted_0.woff2
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66c708b80cab108a2fde84cac9677c07435537bc9d06085ccd1ac80cb93513b4

Request headers

Referer: https://www.cyberark.com/
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 08:01:22 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 66794
x-cache: Hit from cloudfront
content-length: 25237
last-modified: Wed, 27 May 2020 16:17:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1590596208/ctime:1590596208/gid:116/gname:docker/md5:da77e86db861301f9320c467d834e649/mode:33188/mtime:1590596208/uid:1001/uname:runner
etag: "da77e86db861301f9320c467d834e649"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: FAKW2cnyst3jlSrpwFD5YkwtHYm827xU2z__OCH76XBjP_WiYjIibg==

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/ 63 KB
63 KB 86ms
84ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5567c5a47f8bbd27707bd2cffdb1679c292a07ccf09a8578e1b9eba7ab481cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 97441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64144
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-fa90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INsTmjmL08WL3OTtGg1qfk5%2F19sWnSSfh7xPRbfuOkPBEr0M26DHlYWEBrx9lhU1MlH6gprw3Wt8ZE2y0tViCcEgyzzd4EugvO9sMPyad8cZB8jTd2QShQHnpYiFA4e%2FI0r9ISoXg%2Fa4K9Eaez5meJPh"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78cca6d63e382bae-FRA
expires: Thu, 11 Jan 2024 02:34:35 GMT

GET
H2 200 372722_1_unhinted_0.woff2
cihost.uberflip.com/cyberArk/OB-3963/build/fonts/ 25 KB
26 KB 132ms
48ms Font
binary/octet-stream 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/cyberArk/OB-3963/build/fonts/372722_1_unhinted_0.woff2
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4761d421bbf2f059126b9ce4f5e0a9f7bc83b046a58162780a2b9c3ab8c9a56

Request headers

Referer: https://www.cyberark.com/
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 07:57:17 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 67039
x-cache: Hit from cloudfront
content-length: 26041
last-modified: Wed, 27 May 2020 16:17:01 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1590596208/ctime:1590596208/gid:116/gname:docker/md5:0601eae673330329b340003d42fc1c36/mode:33188/mtime:1590596208/uid:1001/uname:runner
etag: "0601eae673330329b340003d42fc1c36"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: aNHWmM1rUjOWq4yvAL8pDHnMfi4spbey2c_l0qLTMcW9nbAhNLB8vA==

GET
H2 200 fontawesome-webfont.woff2
cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/fonts/ 75 KB
76 KB 132ms
48ms Font
binary/octet-stream 2600:9000:206f:3c00:12:53a8:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cihost.uberflip.com/cyberark-migration-tv2/OB-CyberArk_Migration_Tv2/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cihost.uberflip.com
URL: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:12:53a8:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cihost.uberflip.com/cyberArk/master/build/en/en.css
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:43:33 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 75063
x-cache: Hit from cloudfront
content-length: 77160
last-modified: Wed, 27 Jan 2021 17:56:57 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1611770160/ctime:1611770160/gid:117/gname:docker/md5:af7ae505a9eed503f8b8e6982036873e/mode:33188/mtime:1611770160/uid:1001/uname:runner
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: zw-Pf_hZban9sAp2P4FLR6ip9py0e-Pp2ic4SiDVRh6cTwLnJ22WYA==

GET
H2 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v22/ 12 KB
12 KB 204ms
127ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v22/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7295944e0067d71c5d5276d397dc0299afb519f277ba644aec0b96343e4185d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 21:25:02 GMT
x-content-type-options: nosniff
age: 104974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12312
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:25:02 GMT

GET
H2 200 hero-tr-digital-world-map.jpg
www.cyberark.com/wp-content/uploads/2023/01/ 168 KB
168 KB 56ms
56ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2023/01/hero-tr-digital-world-map.jpg

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5400f5efeb9aeb52584dd4192d59ee085d45455af8532bf560f8aa2f2decebbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21672
cf-polished: qual=85, origFmt=jpeg, origSize=343909
content-disposition: inline; filename="hero-tr-digital-world-map.webp"
content-length: 171966
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Jan 2023 18:40:41 GMT
server: cloudflare
etag: "63cae029-53f65"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d6a8d62c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H2 200 figure-4-razer-synapse-service.png
www.cyberark.com/wp-content/uploads/2023/01/ 18 KB
19 KB 74ms
73ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2023/01/figure-4-razer-synapse-service.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4da56894f714e58e6b742f6fda5f2153b3873c2b8cb14be8656394ddceb060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21672
cf-polished: origFmt=png, origSize=43783
content-disposition: inline; filename="figure-4-razer-synapse-service.webp"
content-length: 18724
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Jan 2023 13:14:12 GMT
server: cloudflare
etag: "63ca93a4-ab07"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d6a8d72c3d-FRA
expires: Sun, 21 Jan 2024 02:34:35 GMT

GET
H3 200 aHViPTEwODU0MCZjbWQ9YmFja2dyb3VuZF9pbWFnZSZ2ZXJzaW9uPTE2NjUwODg4ODkmc2lnPTM1ZTA5Y2FhODQ3YmRlYTdhMDE4OGYzZjRjNTE2MjU1
content.cdntwrk.com/files/ 20 KB
21 KB 43ms
43ms Image
image/webp 65.9.66.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.cdntwrk.com/files/aHViPTEwODU0MCZjbWQ9YmFja2dyb3VuZF9pbWFnZSZ2ZXJzaW9uPTE2NjUwODg4ODkmc2lnPTM1ZTA5Y2FhODQ3YmRlYTdhMDE4OGYzZjRjNTE2MjU1
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-111.fra56.r.cloudfront.net
Software: /
Resource Hash: a36681fe4fd06eb0856952cddb2047065db39f00e819dbf0e9715540083f8198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 01:53:50 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Thu, 18 Feb 2021 22:21:19 GMT
age: 1298446
x-amz-cf-pop: FRA56-C1
etag: "1613686879-be99bf6a6e12dc968d17e108eb199e37"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=15552000
content-disposition: inline; filename="background_image.webp"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1-c_9zyHUcSDHOmqJi0vITg8m1pP7sdmErnxVfKAZ74XlFzEOANz9g==

POST
H2 200 ajax_updateMAPUsers Show response
www.cyberark.com/resources/hubsFront/ 126 B
380 B 185ms
184ms XHR
application/json 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/resources/hubsFront/ajax_updateMAPUsers

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98e0f76f97857fce1b3fbd8e9ed5775988e85fffd71dcc2422f8d012378ea34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.cyberark.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-security-policy: frame-ancestors 'self' https://www.cyberark.com/;
referrer-policy: unsafe-url
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-frame-options: DENY
content-type: application/json
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en
cf-ray: 78cca6d739282c3d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 figure-5-three-faulty-synapses.png
www.cyberark.com/wp-content/uploads/2023/01/ 28 KB
28 KB 54ms
53ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2023/01/figure-5-three-faulty-synapses.png

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c82b84add5c4948d4fa5e93cc10f6492e887bff706885aeb1efd29bf401a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21673
cf-polished: origFmt=png, origSize=85185
content-disposition: inline; filename="figure-5-three-faulty-synapses.webp"
content-length: 28526
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Jan 2023 13:17:59 GMT
server: cloudflare
etag: "63ca9487-14cc1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d789622c3d-FRA
expires: Sun, 21 Jan 2024 02:34:36 GMT

GET
H2 200 picture-6-razer-driver.jpg
www.cyberark.com/wp-content/uploads/2023/01/ 17 KB
17 KB 60ms
59ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2023/01/picture-6-razer-driver.jpg

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1ea74fd5779b1a6348efd60cba5b6c915a1ea30c23b0be6dda90365fc59aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21673
cf-polished: qual=85, origFmt=jpeg, origSize=28058
content-disposition: inline; filename="picture-6-razer-driver.webp"
content-length: 17498
cf-bgj: imgq:85,h2pri
last-modified: Thu, 19 Jan 2023 13:23:43 GMT
server: cloudflare
etag: "63c9445f-6d9a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d789642c3d-FRA
expires: Sun, 21 Jan 2024 02:34:36 GMT

GET
H2 200 figure-7-procmon-1.png
www.cyberark.com/wp-content/uploads/2023/01/ 12 KB
12 KB 60ms
60ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2023/01/figure-7-procmon-1.png

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f535965e5d115ba708161783aa2856b920cd8a3d64a75d2f3f0d27330dd8a762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21673
cf-polished: origFmt=png, origSize=41578
content-disposition: inline; filename="figure-7-procmon-1.webp"
content-length: 12246
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Jan 2023 13:21:09 GMT
server: cloudflare
etag: "63ca9545-a26a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d789662c3d-FRA
expires: Sun, 21 Jan 2024 02:34:36 GMT

GET
H2 200 figure-8-exploitation-e1674221008498.png
www.cyberark.com/wp-content/uploads/2023/01/ 49 KB
50 KB 55ms
54ms Image
image/webp 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberark.com/wp-content/uploads/2023/01/figure-8-exploitation-e1674221008498.png

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcee21aa7ca5c164fc73537c0235e71d165102e22d1ea525879e559ac37e9f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21673
cf-polished: origFmt=png, origSize=101891
content-disposition: inline; filename="figure-8-exploitation-e1674221008498.webp"
content-length: 50670
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Jan 2023 13:23:28 GMT
server: cloudflare
etag: "63ca95d0-18e03"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78cca6d789672c3d-FRA
expires: Sun, 21 Jan 2024 02:34:36 GMT

GET
H/1.1 200
OK rtp.js Show response
sjrtp6-cdn.marketo.com/rtp-api/v1/ 151 KB
42 KB 931ms
687ms Script
application/x-javascript 104.76.156.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.76.156.190 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-156-190.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

083d618c7c2c89cc42cc2a72714ca19c7e4af3d0f164e17438194e5bd5761cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Date: Sat, 21 Jan 2023 02:34:37 GMT
Last-Modified: Thu, 15 Dec 2022 05:36:19 GMT
Server: Jetty(9.4.45.v20220203)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=91
Connection: keep-alive
Content-Length: 42368

GET
H2 200 hotjar-1200039.js Show response
static.hotjar.com/c/ 8 KB
4 KB 241ms
91ms Script
application/javascript 13.32.110.53

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1200039.js?sv=6

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.53 , United States, ASN (),

Reverse DNS

server-13-32-110-53.vie50.r.cloudfront.net

Software

Resource Hash

8a8fe0b9ebd6a7ef7e3aa76cc9696d89bb0f2a283c901c5f57531e5c46c51ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
etag: W/48ddfd565c27fb4428dd617a8472e1b3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MHsgmdUhBllUmJJ9RMk-PAllfVxD1aRIrh4mWviWtpKm0OjxgKbxpw==

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 184ms
69ms Script
text/javascript 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=cyberark.com&c=teconsent&js=nj&noticeType=bb&gtm=1&pcookie=1&text=true&language=en

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

8b1e83dd093959871fe51f8e92a15b1f1e7dfc2d6da057aabf418e7f8d1798c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 4157
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: VqDe7MF38GKiU_M7NtGJx8gJoQDSyOaQMDxLx1JRG3W1qJ-2IScE1g==
expires: Sat, 21 Jan 2023 03:34:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9920016

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5e0f4cb831d8219ccff688e5914dfe2eea6debc95ecb8db552a982cec6c4857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44162
x-xss-protection: 0
last-modified: Sat, 21 Jan 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Jan 2023 02:34:36 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 172ms
41ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "3528fd00b652f61a266eb584d96f4fcc"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
309 B 110ms
110ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=52079&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&pv=1674268476155_4so0pet8b&bl=en-us&cb=3500735&return=&ht=&d=&dc=&si=1674268476155_4so0pet8b&cid=production%7C%7C108540%7C%7C6824673%7C%7C680845100&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:35 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 565ms
181ms Script
application/javascript 3.84.64.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2102023&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?210
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.84.64.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-84-64-118.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sun, 22 Jan 2023 02:34:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
52ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 02:21:47 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 769
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20085
expires: Sat, 21 Jan 2023 04:21:47 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 290ms
55ms XHR
application/json 52.48.61.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=9AB97041603F3EDB0A495C66%40AdobeOrg&d_nsid=0&ts=1674268476274

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4bd0910a578e8549460dccbd0833d03cf0f7329c86b5e8dd7b554262656a3757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v045-078a58cff.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 2RTadmsETTo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.cyberark.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 309
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 62ms
61ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Sat, 21 Jan 2023 03:34:36 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 63ms
62ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sat, 21 Jan 2023 03:34:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 40ms
40ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Mon, 01 May 2023 02:34:36 GMT

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 124 KB
31 KB 40ms
40ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b3a91da9161ab8ad49abcb2c9da8997c8f6c400c12468519614dfdfb41f4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2349
x-cache: HIT, HIT
content-length: 31306
x-served-by: cache-iad-kcgs7200128-IAD, cache-hhn-etou8220078-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 20:54:20 GMT
x-timer: S1674268476.334575,VS0,VE0
etag: "63caff7c-7a4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 51

GET
H2 200 RC215bf8f3db2048f5a863a53bd773832d-source.min.js Show response
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/ 429 B
543 B 58ms
58ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/RC215bf8f3db2048f5a863a53bd773832d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4c1ba239941c5018015ceb57916a5983ea6505b50216aefb817ccfb94654a339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:24:07 GMT
server: AkamaiNetStorage
etag: "8a5863b81d71a91e12f88208e32a9978:1661801047.772377"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 277
expires: Sat, 21 Jan 2023 03:34:36 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 5847528a9b9a1f15a2a951e05eaadc38642ff0a9.webp
embed-ssl.wistia.com/deliveries/ 81 KB
82 KB 136ms
40ms Image
image/webp 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/5847528a9b9a1f15a2a951e05eaadc38642ff0a9.webp?image_crop_resized=1920x1080
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 981b9a832bf924341ec53901dafa787b10ff3ce3dab6a4eb5808cc08b467752d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
via: 1.1 varnish, 1.1 varnish
access-control-request-method: *
age: 45768
edge-cache-tag: 5847528a9b9a1f15a2a951e05eaadc38642ff0a9
x-cache: HIT, HIT
content-disposition: inline
content-length: 83256
x-served-by: cache-iad-kjyo7100120-IAD, cache-hhn-etou8220072-HHN
last-modified: Fri, 20 Jan 2023 13:50:31 UTC
x-timer: S1674268477.510965,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 1

GET
H2 200 v1.7-10255 Show response
consent.trustarc.com/asset/notice.js/v/ 76 KB
23 KB 125ms
45ms Script
text/javascript 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=cyberark.com&c=teconsent&js=nj&noticeType=bb&gtm=1&pcookie=1&text=true&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:49:49 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 2688
x-cache: Hit from cloudfront
pragma: public
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: yjBpYLUKvkfs6ZePB4z1Cxu4x0m_D-0btjJQQ7kQyTWTeQEXhbMKaw==
expires: Mon, 20 Feb 2023 01:49:48 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame 3932 7 KB
2 KB 40ms
40ms Document
text/html 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=cyberark.com

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=cyberark.com&c=teconsent&js=nj&noticeType=bb&gtm=1&pcookie=1&text=true&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 174
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 21 Jan 2023 02:31:42 GMT
expires: Mon, 20 Feb 2023 02:31:42 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-id: JAa3P0dhOBv_N77bol_AVcN1GaQbwYHDFUeE4k4CBtkJ4LVS98wwNA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
427 B 72ms
72ms Image
image/gif 99.86.4.35

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=cyberark.com&country=de&state=&behavior=expressed&c=20f9

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:36 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: u3oDS-MJot2GPeb5W1sXogzGEucQqdds1v3XJKsDBNXijRWG7VZmzA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 226ms
137ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1674268476449&id=t2_o2i62ves&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e8902e4b-f870-405d-bf13-b52804916fcd&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H/1.1 200
OK visitWebPage
316-czp-275.mktoresp.com/webevents/ 2 B
318 B 840ms
186ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://316-czp-275.mktoresp.com/webevents/visitWebPage?_mchNc=1674268476453&_mchCn=&_mchId=316-CZP-275&_mchTk=_mch-cyberark.com-1674268476452-35014&_mchHo=www.cyberark.com&_mchPo=&_mchRu=%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:37 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: eed2c750-15b6-4fc9-92cc-601ff09c9330

GET
H2 200 RCaadfaa88901e4f0e8cbb8050b0941051-source.min.js Show response
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/ 538 B
594 B 58ms
58ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/RCaadfaa88901e4f0e8cbb8050b0941051-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 727f7329c8911115e5a8991cc12a421ac0d22c761f2f2c737d8e7be425c5ea7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:24:07 GMT
server: AkamaiNetStorage
etag: "8a5863b81d71a91e12f88208e32a9978:1661801047.772377"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 328
expires: Sat, 21 Jan 2023 03:34:36 GMT

GET
H2 200 modules.ea0a6d6a741d5de8308e.js Show response
script.hotjar.com/ 263 KB
68 KB 158ms
52ms Script
application/javascript 13.32.110.74

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ea0a6d6a741d5de8308e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1200039.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.74 , United States, ASN (),

Reverse DNS

server-13-32-110-74.vie50.r.cloudfront.net

Software

Resource Hash

6619ef277249ca9230cbc0315da9b41caa9f15996d143f7d1a77d52d901ce269

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 55471
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68675
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
etag: "e45ceb77c1a47254136f1ef733de65df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: NjoEwTr9GqbgbezKVeDEjkbZe8abn8qznPqmV0IuHu9w39Mr_J_VWw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 150ms
50ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-44168172-9&cid=1566863634.1674268476&jid=773343460&gjid=1095242941&_gid=1835699087.1674268476&_u=YGBAgEABAAAAAEAEK~&z=305600251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 02:34:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 53ms
52ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=831677955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&ul=en-us&de=UTF-8&dt=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAEK~&jid=773343460&gjid=1095242941&cid=1566863634.1674268476&tid=UA-44168172-9&_gid=1835699087.1674268476&gtm=2wg1i05SFWTH&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cd7=&z=1665151646

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 18:08:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30344
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-ff00c703c3bbdf54ae44ee858d64f69e.html Show response
vars.hotjar.com/ Frame 74F1 2 KB
1 KB 153ms
44ms Document
text/html 18.66.15.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1200039.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-28.vie50.r.cloudfront.net

Software

Resource Hash

cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 231690
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 10:13:06 GMT
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-id: 2Hp1CnfmDQJHOvbPafPlVJy7t4nWugNDPNNftCjqxsmQDYU5Ce1Imw==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK dest5.html Show response
cyberark.demdex.net/ Frame 39D6 7 KB
3 KB 230ms
57ms Document
text/html 34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyberark.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-0ff225fd5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: mNBeibCSR1c=
content-encoding: gzip
date: Sat, 21 Jan 2023 02:34:36 GMT
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y8tPPAAAALVIJANn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21656947488603019214280704014013884097
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8tPPAAAALVIJANn

42 B
942 B

57ms
56ms

Image
image/gif

52.48.61.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8tPPAAAALVIJANn

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

HTTP/1.1

Server

52.48.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-61-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0314701ba.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uSSSCgQyTy4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8tPPAAAALVIJANn
Date: Sat, 21 Jan 2023 02:34:36 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
cyberark.tt.omtrdc.net/rest/v1/ 351 B
717 B 272ms
66ms XHR
application/json 18.200.4.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberark.tt.omtrdc.net/rest/v1/delivery?client=cyberark&sessionId=9957535d95004e8c98a42a66d5e9960a&version=2.9.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.4.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-4-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c1a87e347886909899de64e8667abecd68cb24424d37da180ad938278a80e070

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cyberark.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 0ef4ab03556dc35ac128397967d359e5

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame ABE1 5 KB
3 KB 156ms
41ms Document
text/html 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64558
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Jan 2023 08:38:38 GMT
etag: W/"5147-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id: Lx_NWne-QyP6bWA12LaHZyzmgmxaqJi2caJniS0ZjiO5oeO-QFHCVg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
498 B 70ms
69ms Image
image/gif 99.86.4.35

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=cyberark.com&behavior=expressed&country=de&language=en&rand=0.8458287275733358

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: kvcdNo13sYmDllJRRhL-KmC3bxEwXA1w4XS1QvuBYE52dEGu3sbhHw==
expires: Sat, 21 Jan 2023 03:34:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 203ms
77ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44168172-9&cid=1566863634.1674268476&jid=773343460&_u=YGBAgEABAAAAAEAEK~&z=254582457

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 141ms
53ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-44168172-9&cid=1566863634.1674268476&jid=773343460&_u=YGBAgEABAAAAAEAEK~&z=254582457

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1200039/ 147 B
322 B 181ms
60ms XHR
application/json 3.248.94.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1200039/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.94.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-94-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d5c1ad551c121bee3ab5ec67df650f929a74368057152d6c09a12c6df0651dc6

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame ABE1 5 KB
3 KB 141ms
141ms Script
application/javascript 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"4867-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: tz5aph9I72kkRZq3VraQc5FhEZaGiWvK3WGngRKxrY5Jn5qrxtAa8Q==
expires: Sat, 21 Jan 2023 02:34:35 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame ABE1 20 KB
5 KB 154ms
40ms Script
text/javascript 65.9.66.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-38.fra56.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Dec 2022 08:00:01 GMT
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C1
age: 2399675
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: pC4xBUrxpefHBIzbYsEoaw3kSYYQSStwQgD-fcf7VCf3n6wJV9Mh-g==
expires: Mon, 23 Jan 2023 08:00:01 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame ABE1 3 KB
3 KB 41ms
40ms Image
image/gif 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 23:36:41 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 10681
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"2608-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: z5qOvq_GfgmHG1zRLK4P22eT0WiO0H-z0TkOG14IkXrQ9u7D9JXgow==

GET
H2 200 ajax_ping Show response
www.cyberark.com/resources/hubsFront/ 49 B
132 B 185ms
185ms XHR
application/json 104.17.192.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberark.com/resources/hubsFront/ajax_ping

Requested by

Host: content.cdntwrk.com
URL: https://content.cdntwrk.com/js/hubs/hubs_app.c2e7f618985911ea7708.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.192.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.cyberark.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:36 GMT
content-security-policy: frame-ancestors 'self' https://www.cyberark.com/;
referrer-policy: unsafe-url
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-frame-options: DENY
content-type: application/json
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-language: en
cf-ray: 78cca6dc5ccf2c3d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8088 139 KB
46 KB 46ms
46ms Document
text/html 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 250260
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:36 GMT
etag: W/"142492-1672992016000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id: jS6jFwKWoSYk5fVEJKgvdpIhqB_nkDmrF6gizMCdYuG_G9_h5cP2YQ==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame ABE1 969 B
1 KB 142ms
142ms XHR
application/json 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

2d4305f2966b852ff429b31bf755d230a8dc4dc05891db275004a08fc4c55b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 21 Jan 2023 02:34:37 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 469
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 5i1885e876Y9aMGmyVQI-BdxzfChISKtgl91ur-3T-UY-YKclN1KJA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame ABE1 48 B
622 B 136ms
135ms XHR
application/json 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

04d96cf54024c67fd5b5fbeae19cee6344c440d7fa2c8c86fa794c252edb95b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 21 Jan 2023 02:34:37 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: FlVkrrtbDUGjiUUGhNPhHQ4t2bzpMVp106mJymBpZhZeHG4uVb9I4w==

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 335ms
48ms Stylesheet
text/css 104.76.156.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.156.190 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-156-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
sjrtp6.marketo.com/gw1/ 214 B
651 B 778ms
182ms Script
application/x-javascript 192.28.146.116
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp6.marketo.com/gw1/trw?aid=cyberarksoftware&trwv.uid=cyberarksoftware-1674268477148-0c46393e&trwv.vc=1&trwsa.sid=cyberarksoftware-1674268477149-565d68de&trwsb.cpv=1&ctzo=-00:00&uri=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&ma=id%3A316-CZP-275%26token%3A_mch-cyberark.com-1674268476452-35014&pm=&viewedTypes=&rts=1674268477152

Requested by

Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.146.116 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

baba8eacc7c69190a86365e6b229f270cd40c6f145b7d893422134ed156051c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:37 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 214
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.4.js Show response
rtp-static.marketo.com/rtp/libs/ 17 KB
6 KB 328ms
48ms Script
application/x-javascript 104.76.156.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js
Requested by: Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.156.190 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-156-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 07:56:23 GMT
Server: AkamaiNetStorage
ETag: "cfd84ea6865e772828527b0485a0eb7e:1622706982.648039"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5540

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame ABE1 28 KB
7 KB 88ms
88ms Stylesheet
text/css 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:37 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"29043-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: YeG2PSZlrWLmfVA7ov1BKq51LMC1NEn6GkvT4VR_oB5CDmuGWxSepA==
expires: Sat, 21 Jan 2023 02:34:36 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame ABE1 254 KB
87 KB 44ms
44ms XHR
application/javascript 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:02:59 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 250298
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"259669-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: HcHznSxZ6aQ4dfVA5Et0BqPuEmrCFYcNs8cZDtMYEEbVC1njH-rqiA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK msg Show response
sjrtp6.marketo.com/gw1/ 0
426 B 729ms
183ms Script
text/javascript 192.28.146.116
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp6.marketo.com/gw1/msg?a=2&sid=cyberarksoftware-1674268477149-565d68de&aid=cyberarksoftware&ma=id%3A316-CZP-275%26token%3A_mch-cyberark.com-1674268476452-35014&viewedTypes=&0.34772889731649337&rts=1674268477204

Requested by

Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.146.116 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:37 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame ABE1 19 KB
8 KB 41ms
41ms XHR
application/javascript 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:11 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 250286
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"19787-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: dxSE5TK3bDufvleqR3N77LOCBdWWvNHSa2ijl9XNiLY8RxFGV6yTBA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame A9A7 5 KB
2 KB 358ms
117ms Document
text/html 44.195.150.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.150.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-150-192.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 02:34:37 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame ABE1 843 B
957 B 154ms
153ms XHR
application/json 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9880b1057df4dc2ce1fc004ef4a595c36bb258deb902610a945938196df166e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 21 Jan 2023 02:34:37 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 364
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: kBLsxlP2gCOk9hoGA_kVjW8w5Vba4QYdxOskIrw7ITUuQWGRGfKnZw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame ABE1 24 KB
6 KB 154ms
153ms XHR
application/json 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3decbe1c69b0f91d975610f54b2615be61a887c20f8ade1049be9743168198aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Sat, 21 Jan 2023 02:34:37 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6052
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Vr7DyvWMF0ILnnZSZO0IzO8y_IPA7RRrfeT23nYFabL19QAM9_C8sA==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame ABE1 4 KB
5 KB 41ms
40ms Image
image/png 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:28:13 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 4022
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 3DroN0i9Yw0huP3pqik8IUTY9HOJw-lTegtaQhYTszXnXqsaCsFvKQ==

GET
H/1.1 200
OK msg Show response
sjrtp6.marketo.com/gw1/ 0
426 B 537ms
180ms Script
text/javascript 192.28.146.116
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.146.116 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:38 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame ABE1 7 KB
4 KB 40ms
40ms XHR
application/javascript 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:12 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 250286
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"7220-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: sc5wyvbVEHCXM1cO4AyAx84JWOuF3bCGdRrFTOaYBmP3UVZW7I7P7g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame B75E 2 KB
1 KB 40ms
40ms Document
text/html 143.204.215.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=cyberark_v2&site=cyberark.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-47.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33953
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Jan 2023 17:08:45 GMT
etag: W/"2008-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id: UFcCq8je31wcO2XByoPzG1JPjZktDgOPAIsc59U0xgKdx44odkOkJA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 get
consent.trustarc.com/ Frame ABE1 219 KB
114 KB 124ms
123ms Font
font/ttf 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSans-Bold.ttf

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sat, 21 Jan 2023 01:58:23 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 2175
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: bQehEhRVWsHNteOwo7qApzeXlPgy2NFrFJQD8-c1oFickup21D1ObA==
expires: Mon, 20 Feb 2023 01:58:23 GMT

GET
H2 200 get
consent.trustarc.com/ Frame ABE1 127 KB
77 KB 49ms
48ms Font
font/ttf 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSans-Light.ttf

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

abca0004f2960ea162b161a82240a139fce6012733a76f3859febb9bed38b420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sat, 21 Jan 2023 01:46:40 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 2878
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: hJTd7Oj-sp1z4Imky2b8y3wRhCx3sNuIJOX_mp52eUmdT4ayJ9REKA==
expires: Mon, 20 Feb 2023 01:46:40 GMT

GET
H2 200 get
consent.trustarc.com/ Frame ABE1 127 KB
77 KB 95ms
94ms Font
font/ttf 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSans-SemiBold.ttf

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

89275a1c66640733265b5be89864b6daefef1cc3f275566dd8fd29bd66601a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sat, 21 Jan 2023 02:03:10 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 1888
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: vU8oEgJj0GC1MXCLc4XNXVpWmrLLGpKDlrztIHJrFG2RJL4EcddPfg==
expires: Mon, 20 Feb 2023 02:03:10 GMT

GET
H2 200 get
consent.trustarc.com/ Frame ABE1 127 KB
77 KB 148ms
148ms Font
application/octet-stream 99.86.4.35

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=OpenSans-Regular.ttf

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

8bcb1671142844b9c10b5247053d513b9110ad9e3ad7ec0b751d42c977611f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://consent-pref.trustarc.com/
Origin: https://consent-pref.trustarc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sat, 21 Jan 2023 02:27:46 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 412
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: PefRUW7dc0DPRPO1fU9xLLnOcJlD6y6NtJ1IYFmEvXRieiN8fufpmw==
expires: Mon, 20 Feb 2023 02:27:46 GMT

GET
H2 200 get
consent.trustarc.com/ Frame ABE1 5 KB
5 KB 45ms
45ms Image
image/png 99.86.4.35

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=CyberArk_H4C_logo.png

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.35 , United States, ASN (),

Reverse DNS

server-99-86-4-35.fra6.r.cloudfront.net

Software

Resource Hash

6df07acc4226892a09f5d94cfb28cd6f560b073f5fb5e4060fede31cba893989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sat, 21 Jan 2023 01:46:40 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA6-C1
age: 2878
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: t4J2I9ytxTW6fDO8ZMB5DSxdR3j5deDkvR6TyaWC8vLtbANF5EnGTw==
expires: Mon, 20 Feb 2023 01:46:40 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
16 KB 41ms
41ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6abf92ff9e0a1a724a6ed538868622935bbdc1d415f37307b9e4daa7b3934365

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2350
x-cache: HIT, HIT
content-length: 16035
x-served-by: cache-iad-kcgs7200113-IAD, cache-hhn-etou8220078-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 20:54:20 GMT
x-timer: S1674268478.492598,VS0,VE0
etag: "63caff7c-3ea3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 62, 44

GET
H2 200 RC5266e3ee597a459fbc388f1132b7e943-source.min.js Show response
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/ 521 B
595 B 58ms
57ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/RC5266e3ee597a459fbc388f1132b7e943-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b014e4d5562d444e36750cc30291deded03d12aa2ed6680a65129131577aef4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:24:07 GMT
server: AkamaiNetStorage
etag: "8a5863b81d71a91e12f88208e32a9978:1661801047.772377"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 329
expires: Sat, 21 Jan 2023 03:34:38 GMT

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 484 KB
112 KB 40ms
39ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02e31622ca3c0fce95822a726c4f6b16b4bf328bc5b87e03be98c2ae3e2cb531

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2351
x-cache: HIT, HIT
content-length: 114395
x-served-by: cache-iad-kiad7000086-IAD, cache-hhn-etou8220078-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 20:54:20 GMT
x-timer: S1674268479.501587,VS0,VE0
etag: "63caff7c-1bedb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 30

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 415ms
120ms XHR
text/plain 3.208.35.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.35.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-35-2.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 21 Jan 2023 02:34:38 GMT
cache-control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 59ms
59ms Script
application/x-javascript 104.76.156.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: sjrtp6-cdn.marketo.com
URL: https://sjrtp6-cdn.marketo.com/rtp-api/v1/rtp.js?aid=cyberarksoftware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.76.156.190 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-156-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H2 200 ey22i6m9p82y.js Show response
js.driftt.com/include/1674268500000/ 211 KB
60 KB 467ms
293ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1674268500000/ey22i6m9p82y.js

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ed080deff87258431cfcdc272697c3c2f00e754c4035590a97a86f723081392e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
x-amz-version-id: B_fqyheN99xNjw3JGS3sBaaFE..BpU2T
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 20 Jan 2023 15:42:08 GMT
server: istio-envoy
etag: W/"42dce1090d968a429996493175583164"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: doRjvuZmWvvO8Hq_GhI6mA_SmFbmOlvMQoL4N-5Un7QkvzDfjV0iWQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071691665/ 2 KB
2 KB 215ms
88ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071691665/?random=1674268478490&cv=11&fst=1674268478490&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&tiba=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&auid=2116949763.1674268476&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8985954379afcdfc9560ec48a12cbca16e172cf84cb1513bd62120dbf2d086d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 961
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 183ms
47ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=85425
accept-ranges: bytes
content-length: 4777

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 155ms
47ms Script
text/javascript 2600:9000:211e:7a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 187dd959c1c8b5b67dd697aa19ebe24c0973eae61cc3f93baea8f91220b72e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Amz-Version-Id: bntwPEMHiM2VGhRpRaGiN3p9n4.eWDa1
Content-Encoding: gzip
Via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Date: Sat, 21 Jan 2023 02:30:45 GMT
Age: 234
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 16:29:54 GMT
Server: AmazonS3
Etag: W/"0746318b259b1f107827e097348569d8"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Rbiu4cY9rOwUx99a8YUyhieZEvdOmj_t9g-XQz9IWK8iNHGAXXGs-Q==

GET ei.js
web-analytics.engagio.com/js/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 126ms
42ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 21 Jan 2023 02:34:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27859
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sT+4OKZCgib8rPRVvx9Ig/K47rk7/oG9VcL4kHZ4SMy0OKDIJAfvpav5sKEeD6h5oYg8mGDIJizITvQdgxB0lw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 371ms
100ms Script
application/javascript 104.96.140.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-140-70.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 20:20:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63890c9b-7ad6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10143
expires: Sat, 21 Jan 2023 02:34:38 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 186ms
41ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 28 Jan 2023 02:34:38 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/14963/ 28 KB
10 KB 147ms
44ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6151f62c314340a55f5cc5fb650538f2325f9516b69da4e3feb300515fc4072e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 05:33:07 GMT
x-amz-version-id: TyBQf2qSagJta4AIHKpeV6mRRAvIotjd
content-encoding: gzip
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 10530092
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Sep 2021 17:02:44 GMT
server: AmazonS3
etag: W/"374a48ffc505abf84a47ee66770c76f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: mmUDqUcQqJK2sn8vp7R7bWUjk18n5UyyGfjdGBhmjzrGpPaHyM3Q6g==

GET
H2 200 611ea0a8737ce37c388dd3a2 Show response
go.affec.tv/j/ 1 KB
1 KB 186ms
56ms Script
application/javascript 52.51.77.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/611ea0a8737ce37c388dd3a2?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SFWTH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.77.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-77-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b67e0c7d556790fb010f16a6ddabcf05d483d00da56038aecaf0c10f1980eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 785
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-re... Show response
9920016.fls.doubleclick.net/ Frame 9279
Redirect Chain

https://9920016.fls.doubleclick.net/activityi;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-...
https://9920016.fls.doubleclick.net/activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww....

494 B
629 B

85ms
83ms

Document
text/html

142.251.39.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9920016.fls.doubleclick.net/activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9920016

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f6.1e100.net

Software

cafe /

Resource Hash

8af2cabc88dfe421769b70cbedd304bf081a290d9772767243b519ed867381cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 291
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 02:34:38 GMT
expires: Sat, 21 Jan 2023 02:34:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 02:34:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9920016.fls.doubleclick.net/activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 489ms
118ms Script
text/javascript 54.243.239.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.cyberark.com
URL: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-239-236.compute-1.amazonaws.com
Software: /
Resource Hash: 61838330d2211d4b7e34d44ffd868f8206b7849df31c81e678391a36d603992d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 21 Jan 2023 02:34:39 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5383
Content-Type: text/javascript

GET
H2 200 RCfa64ba9b591a453aa9e951ba10209d4b-source.min.js Show response
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/ 1 KB
799 B 58ms
58ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/RCfa64ba9b591a453aa9e951ba10209d4b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: aa2a619cb70a41c4837eddb7d788c83c99cf6a56904708ade91ce406ace57d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:24:07 GMT
server: AkamaiNetStorage
etag: "8a5863b81d71a91e12f88208e32a9978:1661801047.772377"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 533
expires: Sat, 21 Jan 2023 03:34:38 GMT

GET
H2 200 mjfsbkj4sq.m3u8 Show response
fast.wistia.com/embed/medias/ 930 B
1 KB 129ms
43ms XHR
application/x-mpegurl 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/mjfsbkj4sq.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9f8b31a6e9e78119ea78a9e336665294350ea7e72d5603b77a547bf660dcb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
x-player-privacy-mode: 1
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 36324
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 930
x-request-id: d5674a72b133c4f6fc6fc0a93f2e28dd
x-served-by: cache-iad-kcgs7200097-IAD, cache-hhn-etou8220059-HHN
x-runtime: 0.032036
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 109
x-timer: S1674268479.697963,VS0,VE2
etag: W/"f9f8b31a6e9e78119ea78a9e33666529"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 122ms
42ms Image
image/gif 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Origin: https://www.cyberark.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 4, 563
date: Sat, 21 Jan 2023 02:34:38 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 20351
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn-etou8220059-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 20:31:51 GMT
x-timer: S1674268479.698122,VS0,VE0
etag: "63cafa37-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK visitor Show response
sjrtp6.marketo.com/gw1/rtp/api/v1_1/ 772 B
1 KB 725ms
182ms XHR
application/json 192.28.146.116
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp6.marketo.com/gw1/rtp/api/v1_1/visitor?sid=cyberarksoftware-1674268477149-565d68de&aid=cyberarksoftware&1674268478624

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.146.116 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

b313ae8061f28844dbe89cf342e814be6d36a3668c784c2f45a78e33fae2f9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: No-cache
Date: Sat, 21 Jan 2023 02:34:39 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Fri Jan 20 20:34:39 CST 2023
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cyberark.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
sjrtp6.marketo.com/gw1/ga/ 769 B
1 KB 725ms
183ms XHR
text/json 192.28.146.116
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp6.marketo.com/gw1/ga/sgm?sid=cyberarksoftware-1674268477149-565d68de&1674268478625

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.28.146.116 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

9f8a9da5e34be1cb7e9f5e99e82b6cb66eb9d84ecf66bef10ef06ef0f9321fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:39 GMT
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 769

GET
H2 200 RCa5164e12c82447adb2cd80d0c9b8bb38-source.min.js Show response
assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/ 504 B
591 B 58ms
58ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/add392480f56/RCa5164e12c82447adb2cd80d0c9b8bb38-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/789d877fe9a8/09207f0a9c44/launch-e8e6adf0fe30.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a35f66e3c735f802aa18c069ed416ba8d2a7acd10e6c03d0d39af2cd1d2ec95a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 19:24:07 GMT
server: AkamaiNetStorage
etag: "8a5863b81d71a91e12f88208e32a9978:1661801047.772377"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 325
expires: Sat, 21 Jan 2023 03:34:38 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/14963/ 406 B
710 B 60ms
60ms Script
text/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14963/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/14963/code/&publishedOn=Fri%20Sep%2010%2017:02:39%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9ec4ac872efb979ad2e4987aa9894a8892a6f112651b0153b4bb51182e8d2298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 406
x-amz-cf-id: tm4GZwLrJmAvmT8s_QZAb8E2LxGF78nwmtFYGUpQtPJw9VTT0uk1wg==
expires: Sat, 21 Jan 2023 02:34:37 GMT

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/6RJ2KCUITBBDPLKE34TVGK/ 38 B
795 B 43ms
43ms Script
application/javascript 2600:9000:211e:7a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/6RJ2KCUITBBDPLKE34TVGK/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Amz-Version-Id: WYT5cO0trQ1cu7ti_HYOkPgz8_XThI_j
Date: Fri, 20 Jan 2023 07:47:20 GMT
Via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Age: 67639
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 38
Last-Modified: Thu, 01 Dec 2022 00:26:21 GMT
Server: AmazonS3
Etag: "f5a64db38c4218cefe3f9d7531faf9a1"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: q2fqdlid9XvyclKX6bShyUO519FtxgE74peue35RZHQYuy7WPrhPBA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

41ms
40ms

Script
application/javascript

2600:9000:211e:7a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:211e:7a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Fri, 20 Jan 2023 10:27:32 GMT
Via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Age: 58027
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 0W8-Ra3okp8xd7C3AYAllAEe4qeltSW1XIu5YYHyrUw2w0G1ruEGgg==

Redirect headers

Date: Fri, 20 Jan 2023 07:23:31 GMT
Via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Age: 69066
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: RPXeNXSFPeH3hxw8JKy8NNR8a_8nYvm4zoRlXDxVzG40Xh2qkZOLvw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/ 0
809 B 98ms
43ms Script
text/javascript 2600:9000:211e:7a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Amz-Version-Id: IJwRuSa6SUWJZl8_sS34F1opARVPnzJm
Date: Sat, 21 Jan 2023 01:58:14 GMT
Via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
Age: 2185
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 16 Jan 2023 06:24:54 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5Mp6x8K07Kxg_t9lNBgJbObr2dVoKChEU6g4c-uScRNttADdJre2Sg==

GET
H2 200 286320195733404 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 103ms
101ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/286320195733404?v=2.9.94&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba63c7b71a9b46dcc6f157c0daa6e0f466e9eff0fa3c8a3310468dd31e2c72d1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 21 Jan 2023 02:34:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jgEhkxr5JNkP10JlFAqTQ2h4A70Ju/T/IhNNSow76OgxLK5dLnKMEoiM8GWu2D8Z/cFBsJ+XNiR6uVZBZaQ6SA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/17906/domain/cyberark.com/ 36 B
377 B 174ms
43ms XHR
application/json 2600:9000:206f:aa00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/17906/domain/cyberark.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:aa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:45:21 GMT
content-encoding: gzip
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2957
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: OXnmK0QKDNJDN6mfgvztr_uCOIUu8NHx7LoZStuFqil2R0ZDFeVHLA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerab...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D17906%26time%3D1674268478692%26url%3Dhttps%253A%252F%252Fwww.cyberark.com%252Fres...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerab...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnera...

0
265 B

323ms
211ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&liSync=true&e_ipv6=AQLGzdQY_FO2swAAAYXSLY-IJGJUUeWoWciCktrXsOPnOgZubxWwLU3K1qyhpDDAjTmX6rM
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4ABC73D885FB4697B5948AE56E4E5187 Ref B: FRAEDGE1412 Ref C: 2023-01-21T02:34:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyvQH9jZlZR/KtVqQahg==

Redirect headers

date: Sat, 21 Jan 2023 02:34:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F2D8E27128194A76941A7527AEA7307D Ref B: FRAEDGE1112 Ref C: 2023-01-21T02:34:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=17906&time=1674268478692&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&liSync=true&e_ipv6=AQLGzdQY_FO2swAAAYXSLY-IJGJUUeWoWciCktrXsOPnOgZubxWwLU3K1qyhpDDAjTmX6rM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyvQH4lEgJZF+WxHZsxg==

GET
H2 200 rules-p-qmdrChZDk_z9X.js Show response
rules.quantcount.com/ 3 KB
1 KB 141ms
43ms Script
application/javascript 2600:9000:223c:9400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-qmdrChZDk_z9X.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31df833090601f4d9362b74159cf6fe7a5a6790766873bf468bfc218a4fd716d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:45:22 GMT
content-encoding: gzip
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 17 Aug 2021 18:10:52 GMT
server: AmazonS3
etag: W/"4348745e6fbfcab4818dd96d6dcc9de1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: YiiNcM59sJQGj90xzTcxDP1PQ65ZFVc_ZQvUawoYZSVVGVqaUySj_Q==

GET
H2 200 662433978d45e21970b804bbfa51742f.js Show response
nexus.ensighten.com/choozle/14963/code/ 1 KB
1 KB 41ms
40ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14963/code/662433978d45e21970b804bbfa51742f.js?conditionId0=4910939&conditionId1=4910940
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2007f491cf8805ceb2604c0b9aeb1adc383791b679f523665fb75a8aad1ea1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:58:30 GMT
x-amz-version-id: .HDgNBMtyeldon8XYKIFOVut_y90kYAl
content-encoding: br
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 11482569
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 17 Aug 2021 20:02:58 GMT
server: AmazonS3
etag: W/"1a30bb178f0ba4caee2d0a69ed0c5627"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: g1SB2w0eeAErdGeDln4RgrwLQFeR-NJwk9QL6bxta04xceDpDRbuvQ==

GET
H2 200 7e3bcccbe9be6061a65a6eb142929580.js Show response
nexus.ensighten.com/choozle/14963/code/ 2 KB
777 B 41ms
40ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/14963/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 03:54:26 GMT
x-amz-version-id: 2qpHT3Mfre2gibxJy2uyesrW3J5FKny0
content-encoding: br
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 11832013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 17 Aug 2021 20:01:10 GMT
server: AmazonS3
etag: W/"45d815f98cb1ba2123f41b1c2cacac1e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: dIbvsRdrUPJOfH3AYLNL7wd17c_pbFxn5c_xPjxJMMfd3tlt_IgXRg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071691665/ 42 B
154 B 84ms
82ms Image
image/gif 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071691665/?random=1674268478490&cv=11&fst=1674266400000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&tiba=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&fmt=3&is_vtc=1&random=1363037504&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071691665/ 42 B
154 B 53ms
52ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071691665/?random=1674268478490&cv=11&fst=1674266400000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&tiba=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&fmt=3&is_vtc=1&random=1363037504&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e95645b0dfc8130f437eded11f7ce8a187db58d6.m3u8 Show response
embedwistia-a.akamaihd.net/deliveries/ 2 KB
2 KB 200ms
49ms XHR
application/vnd.apple.mpegurl 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/e95645b0dfc8130f437eded11f7ce8a187db58d6.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c3041e7194f567de48487d326ebaf940f0caddb9983843a50ba63238eb0e545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:38 GMT
Access-Control-Request-Method: *
surrogate-key: e95645b0dfc8130f437eded11f7ce8a187db58d6-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31490217
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1761
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Expires: Sat, 20 Jan 2024 13:51:35 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1511778&order_id=%5BORDER_ID%5D&seg=27404672&t=1&value=%5BREVENUE%5D
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1511778%26order_id%3D%255BORDER_ID%255D%26seg%3D27404672%26t%3D1%26value%3D%2...

0
1 KB

92ms
46ms

Script
application/javascript

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1511778%26order_id%3D%255BORDER_ID%255D%26seg%3D27404672%26t%3D1%26value%3D%255BREVENUE%255D

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Jan 2023 02:34:38 GMT
AN-X-Request-Uuid: 3cd1cf7c-23a8-4b57-8113-e554190c872c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Jan 2023 02:34:38 GMT
AN-X-Request-Uuid: 3cd38abf-d864-4049-8754-879e0740653f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1511778%26order_id%3D%255BORDER_ID%255D%26seg%3D27404672%26t%3D1%26value%3D%255BREVENUE%255D
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D63cb4f3e245da600012d0a5a%26chc%3Daf%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_S...
https://map.go.affec.tv/map/an/3128115332636874623?ch=63cb4f3e245da600012d0a5a&chc=af&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&redirect_url=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63cb4f3e245da600012d0a5a&chc=af%7Can&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&redirect_url=

70 B
265 B

184ms
56ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63cb4f3e245da600012d0a5a&chc=af%7Can&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&redirect_url=
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=63cb4f3e245da600012d0a5a&chc=af%7Can&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&redirect_url=
date: Sat, 21 Jan 2023 02:34:39 GMT
content-encoding: gzip
content-length: 216
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK 24646
cs.choozle.com/dp/chz/ 35 B
123 B 561ms
118ms Image
image/gif 52.86.41.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/24646?d=www.cyberark.com&cb=989739338
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.41.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-41-54.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 6RJ2KCUITBBDPLKE34TVGK Show response
d.adroll.com/consent/check/ 462 B
948 B 202ms
56ms Script
application/javascript 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/6RJ2KCUITBBDPLKE34TVGK?pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&_s=204630b61755819d1ce7d7d74afee35c&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 4ff40eab01b7a3a6dd59b4c127cc6df54e33e484ed6c7b0fd62299ee12735604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 462
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

POST
H2 200 s45640145294408 Show response
cyberark.sc.omtrdc.net/b/ss/cyberarkproduction/1/JS-2.22.4-LCUM/ 43 B
390 B 166ms
51ms XHR
image/gif 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyberark.sc.omtrdc.net/b/ss/cyberarkproduction/1/JS-2.22.4-LCUM/s45640145294408

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Jan 2023 02:34:38 GMT
server: jag
etag: 3595464179335954432-4619846088600041641
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.cyberark.com
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 20 Jan 2023 02:34:38 GMT

GET
H2 200 pixel;r=1217074682;labels=_fp.event.Default;rf=0;a=p-qmdrChZDk_z9X;url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-i...
pixel.quantserve.com/ 35 B
371 B 76ms
41ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1217074682;labels=_fp.event.Default;rf=0;a=p-qmdrChZDk_z9X;url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1100568785-1674268478694;pbc=;ns=0;ce=1;qjs=1;qv=8508733c-20230116145555;cm=pdi;gdpr=0;ref=;d=cyberark.com;dst=0;et=1674268478840;tzo=0;ogl=type.article%2Ctitle.Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers%2Curl.https%3A%2F%2Fwww%252Ecyberark%252Ecom%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-jo%2Cdescription.TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%252C%20which%20af%2Cimage.https%3A%2F%2Fwww%252Ecyberark%252Ecom%2Fwp-content%2Fuploads%2F2023%2F01%2Fhero-tr-digital-world-map%252Ejp%2Cimage%3Awidth.500%2Cimage%3Aheight.272;ses=e2200f95-876e-435f-a62a-edf48c66b827

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
816 B 76ms
45ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Jan 2023 02:34:38 GMT
AN-X-Request-Uuid: 45eb903b-729d-4986-8f18-d40e9a0a5a75
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cyberark.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
203 B 86ms
48ms XHR
text/html 104.96.140.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-140-70.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:38 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.cyberark.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
254 B 211ms
58ms XHR
text/html 2a02:26f0:e300:182::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:182::1c91 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2ad83efd3b3987100da97f634d1cf0f23ba332b8ecb510a2af3883d224272216

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.cyberark.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::4
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 19
expires: Sat, 21 Jan 2023 02:34:39 GMT

GET
H2 200 dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=*;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-driv...
adservice.google.com/ddm/fls/z/ Frame 9279 42 B
494 B 191ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=*;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Requested by

Host: 9920016.fls.doubleclick.net
URL: https://9920016.fls.doubleclick.net/activityi;dc_pre=CM_uvI_Q1_wCFQqF1QodlrcDew;src=9920016;type=websi0;cat=websi0;ord=2325129079566;gtm=2od1i0;auiddc=2116949763.1674268476;~oref=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9920016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 125ms
41ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=286320195733404&ev=PageView&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&rl=&if=false&ts=1674268478900&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674268478899.2100670642&it=1674268478687&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 21 Jan 2023 02:34:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK seg-1-v1.ts Show response
embedwistia-a.akamaihd.net/deliveries/e95645b0dfc8130f437eded11f7ce8a187db58d6.m3u8/ 80 KB
80 KB 50ms
50ms XHR
video/mp2t 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/e95645b0dfc8130f437eded11f7ce8a187db58d6.m3u8/seg-1-v1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aee1270927189f76c8f68d401d8036ab7ea1a0e0315340c397f966fb33a81769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:38 GMT
Access-Control-Request-Method: *
surrogate-key: e95645b0dfc8130f437eded11f7ce8a187db58d6-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31490293
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 81592
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Expires: Sat, 20 Jan 2024 13:52:51 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 256ms
248ms Image
image/gif 104.96.140.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=7fc59efc-e6c9-4e58-81b0-0ad3428221f1&session=7d0d9156-7582-40a2-80b2-15cfa03deea9&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A38%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%2C%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20(Razer%2C%20EVGA%2C%20MSI%2C%20AMI).%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&pageViewId=df1a54d7-ae8b-4d9a-8524-6ca90f5650f0&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-140-70.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

UF4T22HPEREY5HIKIANYD3.js Show response
s.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/
Redirect Chain

https://d.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Freso...
https://s.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/UF4T22HPEREY5HIKIANYD3.js

4 KB
2 KB

43ms
43ms

Script
text/javascript

2600:9000:211e:7a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/UF4T22HPEREY5HIKIANYD3.js
Protocol: HTTP/1.1
Server: 2600:9000:211e:7a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52648e1d82bb4c16291740b411bcc0315a4bb9972046db0fe37d25d73c564e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Amz-Version-Id: qGb8j_cUmR.McYuwdkJzVi05UpOwmGWu
Content-Encoding: gzip
Via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Date: Sat, 21 Jan 2023 02:34:39 GMT
Age: 2956
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 06:42:59 GMT
Server: AmazonS3
Etag: W/"c9efec12fc81d10943b773541c31dfce"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Dw8LFXA2U8F4WvPeR0NbqzR2m90UdoNiUvw50-jC-xo8N2gdLXdvjQ==

Redirect headers

date: Sat, 21 Jan 2023 02:34:39 GMT
x-segment-display-name: Threat Research Blog
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: s
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.22.0
x-rule: */resources/threat-research-blog/*
x-segment-eid: UF4T22HPEREY5HIKIANYD3
location: https://s.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32/UF4T22HPEREY5HIKIANYD3.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: YLIX5GPR6BEUFEKQO55F32
x-segment-name: a00be09a
x-advertisable-eid: 6RJ2KCUITBBDPLKE34TVGK
x-conversion-currency

GET
H2 200 YLIX5GPR6BEUFEKQO55F32
ipv4.d.adroll.com/px4/6RJ2KCUITBBDPLKE34TVGK/ 42 B
518 B 212ms
60ms Image
image/gif 54.74.252.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cookie=&adroll_s_ref=&keyw=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.252.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-252-81.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/ Frame FB80
Redirect Chain

https://insight.adsrvr.org/tags/0v1kpom/u9beit9/iframe
https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe

138 B
668 B

134ms
40ms

Document
text/html

143.204.205.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/14963/code/662433978d45e21970b804bbfa51742f.js?conditionId0=4910939&conditionId1=4910940
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93e2856e540b7faf4767d1291492324c43994be69562b8d1d9be07de8e2e40e4

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 80317
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Fri, 20 Jan 2023 04:16:03 GMT
ETag: "d45046dc61fcd53aaf217c2c9496ec77"
Last-Modified: Fri, 01 Oct 2021 23:43:18 GMT
Server: AmazonS3
Via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
X-Amz-Cf-Id: V-GlCxDA9QGBqJAKH3d1SGclYMZM8vyeMq1Burk6ZOpdk4H028HyRg==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 02:34:39 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
BLOB 200
OK 3b56d226-f1eb-4131-9e27-a1855b3bc701
https://www.cyberark.com/ 89 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cyberark.com/3b56d226-f1eb-4131-9e27-a1855b3bc701
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 91220
Content-Type: text/javascript

GET
H/1.1 200
OK ea1b7d3c1b397c1e5bb1e37f24446559a926d6c8.m3u8 Show response
embedwistia-a.akamaihd.net/deliveries/ 2 KB
2 KB 50ms
50ms XHR
application/vnd.apple.mpegurl 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/ea1b7d3c1b397c1e5bb1e37f24446559a926d6c8.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1be31c2c4c8bd1e567f7bde710f337602c914ffe40db1bff9dc2c41969ae54a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:39 GMT
Access-Control-Request-Method: *
surrogate-key: ea1b7d3c1b397c1e5bb1e37f24446559a926d6c8-hls-segment 575be076c6a7044102ef1f308349eab3ff93cb5d
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31495644
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 1761
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Expires: Sat, 20 Jan 2024 15:22:03 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 117ms
117ms Stylesheet
text/css 54.243.239.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-239-236.compute-1.amazonaws.com
Software: /
Resource Hash: ad77ef992551ab70247b298cbc7c013a4cc763fbfb9d04596ef1ef54ce476e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 21 Jan 2023 02:34:39 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 472ms
118ms Fetch
image/jpeg 54.243.239.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-239-236.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 21 Jan 2023 02:34:39 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 259ms
259ms Image
image/gif 104.96.140.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=7fc59efc-e6c9-4e58-81b0-0ad3428221f1&session=7d0d9156-7582-40a2-80b2-15cfa03deea9&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%2C%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20(Razer%2C%20EVGA%2C%20MSI%2C%20AMI).%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&pageViewId=df1a54d7-ae8b-4d9a-8524-6ca90f5650f0&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-140-70.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 41ms
40ms Script
application/javascript 2600:9000:211e:7a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: d.adroll.com
URL: https://d.adroll.com/pixel/6RJ2KCUITBBDPLKE34TVGK/YLIX5GPR6BEUFEKQO55F32?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cookie=&adroll_s_ref=&keyw=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-Amz-Version-Id: wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw
Content-Encoding: gzip
Via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
Date: Fri, 20 Jan 2023 17:30:40 GMT
Age: 32640
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 21:48:50 GMT
Server: AmazonS3
Etag: W/"9f2aa6ae991d93164d9512029d813cad"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 1E3hmLJe-OoLtM61ArHCh7--XiaIZL0TmKKX7GfImJSjwA2zc4rcjg==

GET
H3 200 232451557177467 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 98ms
97ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/232451557177467?v=2.9.94&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f479a0a0d8937b79d478eb59937173685183cacef605a47516d33d93f667c82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 21 Jan 2023 02:34:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: G909TxdaIn2b1s55D9JlxGa2zWvrR3nXNL0nciGrss4mf33xjf3aee2A69xtVqInqMolNUjo8TueBDgt03XNNA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=twtnsCQCF_HVPdk_sVRjSw
https://d.adroll.com/cm/g/in

42 B
554 B

63ms
62ms

Image
image/gif

2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
server: nginx/1.22.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/x,b,index,l,o,outbrain,pubmatic,n,taboola,triplelift,r/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark....
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=

0
0

489ms
111ms

Image
application/json

70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 121
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-...
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

174ms
42ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-...
https://x.bidswitch.net/sync?dsp_id=44&user_id=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI

43 B
344 B

41ms
41ms

Image
image/gif

52.28.17.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI
Protocol: H2
Server: 52.28.17.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-17-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-...
https://ib.adnxs.com/setuid?entity=172&code=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI

43 B
1 KB

138ms
45ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Jan 2023 02:34:39 GMT
AN-X-Request-Uuid: 4b4d2fd0-4975-4df0-a85e-fcd55e52e963
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=172&code=YjcwYjY3YjAyNDAyMTdmMWQ1M2RkOTNmYjE1NDYzNGI
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 93
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 56ms
55ms Image
image/gif 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&advertisable=6RJ2KCUITBBDPLKE34TVGK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=b70b67b0240217f1d53dd93fb154634b&gdpr=1&gdpr_consent=

43 B
273 B

138ms
48ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=b70b67b0240217f1d53dd93fb154634b&gdpr=1&gdpr_consent=
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=b70b67b0240217f1d53dd93fb154634b&gdpr=1&gdpr_consent=
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.0
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=2c2072efc0f4e42fcbcc74efb96652fb-1674268478981&pv=17898938463.315273&arrfrr=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=twtnsCQCF_HVPdk_sVRjSw
https://d.adroll.com/cm/g/in

42 B
554 B

68ms
68ms

Image
image/gif

2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
server: nginx/1.22.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 443ms
120ms XHR
text/plain 35.173.174.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.174.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-174-179.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 21 Jan 2023 02:34:39 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 core Show response
js.driftt.com/ Frame 8AA7 2 KB
1 KB 161ms
160ms Document
text/html 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1674268500000/ey22i6m9p82y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1d9cb39b6e93354c4241847929865a91337d62693bc87311eae2ef9bc7e01783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 21 Jan 2023 02:34:39 GMT
etag: W/"898e3b476c627951b3501ab6fc58e1c8"
last-modified: Fri, 20 Jan 2023 15:41:58 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-id: wiV57DGDSdjQyQAWuQ--1wTOIgzivNGLhe0fxWzqVbFjgy-i04UXyA==
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: NTofkjPQF86jwC_.uSQcV7z5jNGyp7i_
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H2 200 chat Show response
js.driftt.com/core/ Frame F3A7 2 KB
1 KB 162ms
162ms Document
text/html 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1674268500000/ey22i6m9p82y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1d9cb39b6e93354c4241847929865a91337d62693bc87311eae2ef9bc7e01783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 21 Jan 2023 02:34:39 GMT
etag: W/"898e3b476c627951b3501ab6fc58e1c8"
last-modified: Fri, 20 Jan 2023 15:41:58 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-id: Bc4kMNGFDCzdUdv5swj4C6k1ZX4oEbsa4k10q63wWNDmDI0ZlmZblQ==
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: NTofkjPQF86jwC_.uSQcV7z5jNGyp7i_
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame FB80 70 B
260 B 61ms
60ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=0v1kpom&ct=0:u9beit9&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/0v1kpom/u9beit9/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 21 Jan 2023 02:34:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 54ms
54ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=232451557177467&ev=PageView&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&rl=&if=false&ts=1674268479335&cd[segment_eid]=UF4T22HPEREY5HIKIANYD3&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=29&fbp=fb.1.1674268478899.2100670642&it=1674268478687&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 21 Jan 2023 02:34:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
63ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=831677955&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&ul=en-us&de=UTF-8&dt=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP&ea=Organization&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAEAEK~&jid=&gjid=&cid=1566863634.1674268476&tid=UA-44168172-9&_gid=1835699087.1674268476&gtm=2wg1i05SFWTH&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cd7=&cd1=Core-Backbone%20Gmbh&z=1225180996

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59205
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
60ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=831677955&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&ul=en-us&de=UTF-8&dt=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=Gartner%20MQ%202020&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAEAEK~&jid=&gjid=&cid=1566863634.1674268476&tid=UA-44168172-9&_gid=1835699087.1674268476&gtm=2wg1i05SFWTH&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cd7=&cd1=Core-Backbone%20Gmbh&z=1050287698

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59205
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
61ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=831677955&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&ul=en-us&de=UTF-8&dt=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=All%20visitors&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAEAEK~&jid=&gjid=&cid=1566863634.1674268476&tid=UA-44168172-9&_gid=1835699087.1674268476&gtm=2wg1i05SFWTH&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cd7=&cd1=Core-Backbone%20Gmbh&z=1581762493

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59205
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 62ms
61ms Image
image/gif 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=831677955&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&ul=en-us&de=UTF-8&dt=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RTP-Segments&ea=Opt-In%20Campaign%20Audience&el=Core-Backbone%20Gmbh&_u=aHBAgEABAAAAAEAEK~&jid=&gjid=&cid=1566863634.1674268476&tid=UA-44168172-9&_gid=1835699087.1674268476&gtm=2wg1i05SFWTH&cd6=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&cd7=&cd1=Core-Backbone%20Gmbh&z=722376574

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jan 2023 10:07:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59205
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.770f2291.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 6 KB
3 KB 49ms
46ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

17206f4499dd2435940bc7e63e172af5f0f4c7a4286824ab62beb1ceec91e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:41:57 GMT
x-amz-version-id: ZZymJV26jqrdusn8XR2Pjk_c2Xa1XvRV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 39162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 20 Jan 2023 15:16:49 GMT
server: istio-envoy
etag: W/"48d77ce5da4c0ec3e6fb46305a36b709"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WJYEZ9BdF-BMbfK3R8Cg6cbgxtxwTKcb4BKMLQWS3L_qIx6sWxVYVQ==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 35 KB
35 KB 56ms
53ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 01:43:02 GMT
x-amz-version-id: xgb3ilbx8AHh3YjZx6PcSiTykCh.y1Jm
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 262297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 35552
last-modified: Tue, 17 Jan 2023 19:40:51 GMT
server: istio-envoy
etag: "6aa29962f34a8e117268142c7cc1cc3d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JtIKo4VZOr8IPE20SxNxI3ToTgPZAlV7tIQJwfsrXZijmxeuBCHcgA==

GET
H2 200 main~493df0b3.e2d828bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 7 KB
3 KB 66ms
63ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e2d828bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b4cfcb4d356ea5804502849bcafd4dfeb016947ea9a5f3702a2dc18faebe8d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 02:30:50 GMT
x-amz-version-id: 0bwi7_UpohMmxCiRNjjPigK5HtKpBWc6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 86628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 68
last-modified: Thu, 19 Jan 2023 21:26:27 GMT
server: istio-envoy
etag: W/"6e6f5840c8530be7b3929519b0020404"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S5s9aZ_GXMsAHhiRQHT1l2dJKz88BEd4clyzZIrf0tDSp1BuZC7mhw==

GET
H2 200 runtime~main.770f2291.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 6 KB
3 KB 63ms
62ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

17206f4499dd2435940bc7e63e172af5f0f4c7a4286824ab62beb1ceec91e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:41:57 GMT
x-amz-version-id: ZZymJV26jqrdusn8XR2Pjk_c2Xa1XvRV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 39162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 20 Jan 2023 15:16:49 GMT
server: istio-envoy
etag: W/"48d77ce5da4c0ec3e6fb46305a36b709"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NHm1wz0q6bcWw_chK1vHIcUHZEL-g8mEJehOjKUnJOrrwqt5UMD64A==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 35 KB
35 KB 70ms
70ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 01:43:02 GMT
x-amz-version-id: xgb3ilbx8AHh3YjZx6PcSiTykCh.y1Jm
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 262297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
content-length: 35552
last-modified: Tue, 17 Jan 2023 19:40:51 GMT
server: istio-envoy
etag: "6aa29962f34a8e117268142c7cc1cc3d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7tqFaFeRIIMt6msNnFPXKY7V3_QfxB2sY0KQH-rXfbO4YwAU_5j83g==

GET
H2 200 main~493df0b3.e2d828bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 7 KB
3 KB 91ms
91ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.e2d828bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b4cfcb4d356ea5804502849bcafd4dfeb016947ea9a5f3702a2dc18faebe8d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 02:30:50 GMT
x-amz-version-id: 0bwi7_UpohMmxCiRNjjPigK5HtKpBWc6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 86628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 68
last-modified: Thu, 19 Jan 2023 21:26:27 GMT
server: istio-envoy
etag: W/"6e6f5840c8530be7b3929519b0020404"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bxgva-ZQVxR05_k8QWUnKfLBBWM_e794vmv2G7MmuMR-7ct4GrB8Cg==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 421E 0
17 B 41ms
40ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.cyberark.com
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.cyberark.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 02:34:39 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 21 KB
6 KB 40ms
40ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f22394f867711a1c7bc1754ac44271073c2782cfd2d4072fc5a9f5182c105327

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:39 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2352
x-cache: HIT, HIT
content-length: 5623
x-served-by: cache-iad-kiad7000146-IAD, cache-hhn-etou8220078-HHN
x-browser-version: 109
last-modified: Fri, 20 Jan 2023 20:54:20 GMT
x-timer: S1674268480.503904,VS0,VE0
etag: "63caff7c-15f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40, 26

GET
H2 200 49.b6336d11.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 23 KB
8 KB 52ms
50ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 02:08:13 GMT
x-amz-version-id: 7KP0.sV0VU9poKqqRqRxJLIooSGdKM4L
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 174386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 18 Jan 2023 21:39:07 GMT
server: istio-envoy
etag: W/"8004ba5ba9fc99e5c559490658a3863f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VOmn-8C-aoOx6lgZzoA0zwnP_jrPqAp-JJ8M6WZa5h5g9-AmOu2bQw==

GET
H2 200 33.ae4de0a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 36 KB
10 KB 55ms
53ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 10:27:31 GMT
x-amz-version-id: M4a.Gk8NcuAbsFrpkYX6TN3W6AFO6lvV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1181228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IGpKFPnRiu9zRSl3_eTTpaHhO6ntF1wmDlqCwWZe4R2yqRA15rQeWg==

GET
H2 200 23.60057654.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 32 KB
33 KB 59ms
56ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.60057654.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:50:15 GMT
x-amz-version-id: fnLA7CzoHeSg9FPWIY6UcQRMmRBC.wDx
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 3545064
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
content-length: 33094
last-modified: Thu, 08 Dec 2022 20:10:50 GMT
server: istio-envoy
etag: "0e963aeeee70e63f5078955e6db860f3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BqzPjtBccOb4cKltL1OAvXxMmJOjggvs9lJuNCTH3yWXxa_60kIg7A==

GET
H2 200 18.2ab31195.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 17 KB
6 KB 64ms
63ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:31 GMT
x-amz-version-id: zAXl.KaCXcAhqv65GsEJ51abgfa49A30
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 865388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Thu, 05 Jan 2023 16:27:50 GMT
server: istio-envoy
etag: W/"09e4a870348ecb960c5807c49bbf0c16"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uHNqCVxiHA_B1XGiNX555fXYFtAihbC7upiJ6MhCm_CKZ4sbIsdg1w==

GET
H2 200 40.5fa801cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 25 KB
8 KB 66ms
63ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 04:54:26 GMT
x-amz-version-id: AZx1zN8mxCmX9CgE5f64FVvS1b4M2Fdw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1028413
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"e7d37d5ffc01767c10d8677c65ead60b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XzGRc_0k8ZtaSPbSvvSMqQZVpdueYX09TcKyH_e-dFcQEK3nae5HRQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 74 KB
23 KB 74ms
70ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:21:18 GMT
x-amz-version-id: Wk3PSQeixGqeN8TNbra_di0WEBmI.RAL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 695601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 147
last-modified: Wed, 11 Jan 2023 18:48:20 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vElnRFO3GIhlRJ-kzRMw5Ha0-uM2IPZk_pBE5ZtOYNrMqgz1eHEzGg==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 59 KB
19 KB 70ms
67ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:21:18 GMT
x-amz-version-id: GP3zxrl_yAzgSDcgmLp2sHu7x36eicSs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 695601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
last-modified: Wed, 11 Jan 2023 18:48:21 GMT
server: istio-envoy
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eryasQ0vvd8VNBsN7K3bsOpLHWlXnpiNLGMPrBzIxBjINURIQ0c-qg==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 91 KB
91 KB 78ms
75ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 02:33:05 GMT
x-amz-version-id: Kj5xjyJ2S25wJnkH_L0s9F2dT11QQdqu
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 2332894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 79
content-length: 92674
last-modified: Wed, 21 Dec 2022 21:28:25 GMT
server: istio-envoy
etag: "fdee1a560ca08e3d3702e14d8f1f0b82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OhOT52wUKrFjzB5RqyZYAXeCyEK2ZgFhPQdXxky4Onob2fBQRsvSZQ==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 23 KB
7 KB 109ms
106ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 02:19:45 GMT
x-amz-version-id: M6aGjFv3klfPVRDkbMpJadZ6VPCCvrhv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 519294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 55
last-modified: Wed, 11 Jan 2023 18:48:20 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vkRjBLnV4_sA8qU0UhuqsEcG8o9ay6iivtKBDKAL9gHPBcQnPpOimw==

GET
H2 200 17.d96f5704.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 62 KB
20 KB 111ms
108ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.d96f5704.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

66bee368cd16bf0d9a64e4252953d1179f42ad9bfcae08c8abc8b46e5d304b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:30:32 GMT
x-amz-version-id: V93gkE03KYl05B16xFEHmgoK5uuFdYMG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1011847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Thu, 05 Jan 2023 16:27:50 GMT
server: istio-envoy
etag: W/"f7132278cd8921e8f42d2d92ca6e0510"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3RyOnMUQQ-ROTceKgxG5_Mf7kgVAS4oOH7FZsgkeAlj3dR5X28rYCw==

GET
H2 200 47.9d4808ed.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 105 KB
34 KB 110ms
107ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 08:55:16 GMT
x-amz-version-id: vKFvtmmQ2rBOzaxSMXtvPcrhzzh4VlTP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 754763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 77
last-modified: Wed, 11 Jan 2023 18:48:21 GMT
server: istio-envoy
etag: W/"dfc66008c702c40fea0587f735010013"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kPJ7cWwWd-W61IUKkZv2en7RH-wQCllIrEnH0cp751V5eV0JktFMGg==

GET
H2 200 38.5941b51c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 12 KB
4 KB 111ms
108ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 10:28:44 GMT
x-amz-version-id: 8YM30x1wKsoafwMgSlvvfHXG9ghvcsup
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1181155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"aa24724b97a516c589a05bc577d15db9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RJ4Y0_z9UzDIVO36rDQeOhB9PDJfhBeV1gd0DC4blE-N6YyFAS86Ag==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 13 KB
6 KB 120ms
118ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 03:33:56 GMT
x-amz-version-id: gwTUAeh6e8qKGyBZZ9.w4MNKI3IglI0L
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2156443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Wed, 21 Dec 2022 21:28:26 GMT
server: istio-envoy
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 70pjPC5YXpSCUEvIbdy6TvGfL84r6N-PcpmJeA2ChrZSLo09c4nT9A==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 17 KB
7 KB 122ms
120ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:13:21 GMT
x-amz-version-id: zOAox6Vc_Ym3qFU8f4tVTswDq7acGiGa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 955278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Thu, 05 Jan 2023 16:27:50 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uSIDcI-0_QNygF3gxq5YCzcngQ8K6W5CZxl9ciRiwd0F1mFhg3RfGg==

GET
H2 200 9.2f2cc2c4.chunk.css
js.driftt.com/core/assets/css/ Frame 8AA7 14 KB
3 KB 122ms
120ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.2f2cc2c4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 16:39:29 GMT
x-amz-version-id: SDOQ.STtxlQaFoH.Cb_a99fOEu_ze5wP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1936509
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 28 Dec 2022 21:35:38 GMT
server: istio-envoy
etag: W/"dd670379de64b0621ee84574f3b8e73d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tuKOVeWDW5tTJSy0fO6zq6HanlG9im3myl2vIvk5gIVgJw9b1v0fZw==

GET
H2 200 9.e91643ca.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 79 KB
25 KB 124ms
122ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.e91643ca.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c65c0caf65a36c8bb25dddac082d92dc2d2629132cfb0097a59424d7f6faf156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:11:02 GMT
x-amz-version-id: PkxB_ze.l4CQMpj9FHArmo5rlwe.11vV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 595417
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 61
last-modified: Wed, 11 Jan 2023 18:48:22 GMT
server: istio-envoy
etag: W/"7a8cb644b6f002369ea2a4288f2d0116"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yqjBO6lCvvw1De-dsMcwA0Ry0GydgR1IojnBVbBLSUzFxyOZEYnv6Q==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 8AA7 24 B
697 B 122ms
121ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 05:04:06 GMT
x-amz-version-id: Zuyj1vLGVV6fcpmOUbRryIbvGaTxPYpU
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 1027833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
content-length: 24
last-modified: Thu, 05 Jan 2023 16:27:48 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QHF0sKJ39oVc4TzDfYnq2vGd3bL4dnMSOfp1uVPFr3kiL9m6COKsCw==

GET
H2 200 15.c27d5cdb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 84 KB
22 KB 128ms
126ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.c27d5cdb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d8b3d826f3793d2ba2223ec319df98b1791ac39660a79ce9f824baccea3a1a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 14:58:29 GMT
x-amz-version-id: 4FkT26H7ulwaiDyOkjJro9gMa_gfTwCb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 41770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 20 Jan 2023 14:19:28 GMT
server: istio-envoy
etag: W/"437f7a1623560d2ecb44d1b97213f892"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: twrgGUQuB9U5K8GUD1DKrsEgYGUD7BNT5iZmHQTSjDBkKoDu_PLAFw==

GET
H2 200 24.aad0d437.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 49 KB
13 KB 140ms
139ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.aad0d437.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3f16f9377bbdc891c58ac508c0b6ed369635927186dcdf002ab72c75e2464f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:41:57 GMT
x-amz-version-id: 8Csr.GNZxFtWpB09gDDhfqItA3etT.TR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 39162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 20 Jan 2023 15:16:47 GMT
server: istio-envoy
etag: W/"76cf2512ec41df528fd8e1ccbd0e4ac5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yPWHb_r69vsM-W6ChqKGV-iVbhC6JV0euVanlEMQB5jWjdPZEjMxtw==

GET
H2 200 16.3e130fa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 39 KB
13 KB 141ms
140ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.3e130fa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6bc43b246e3dc57e4cfd968a86dfa51b38471e05ee68d1d54abc0ecb84f34c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:41:57 GMT
x-amz-version-id: j6NVo9579MgGrjLTfYADjV7bC64fHUlh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 39162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 20 Jan 2023 15:16:46 GMT
server: istio-envoy
etag: W/"f75fbb687af43ea48a0b0b449e78118d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hQDOzMCvHORS64rWO-_O-j8XOPqjGEnqCLDg-Hicfm5D9zNcQ06Wzw==

GET
H2 200 49.b6336d11.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 23 KB
8 KB 119ms
119ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 02:08:13 GMT
x-amz-version-id: 7KP0.sV0VU9poKqqRqRxJLIooSGdKM4L
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 174386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 18 Jan 2023 21:39:07 GMT
server: istio-envoy
etag: W/"8004ba5ba9fc99e5c559490658a3863f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TWZ3-9Rjj5FcgbEfwiCVP0Yqyudke1leairK2eADmOQ6h8vGK3xnrw==

GET
H2 200 33.ae4de0a0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 36 KB
10 KB 120ms
119ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 10:27:31 GMT
x-amz-version-id: M4a.Gk8NcuAbsFrpkYX6TN3W6AFO6lvV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1181228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JmXtzIoBFhwa6xQBL2OOEBViU-TYITdHOoRRHcYqoveL4Ni5hS95pw==

GET
H2 200 23.60057654.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 32 KB
33 KB 120ms
120ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.60057654.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:50:15 GMT
x-amz-version-id: fnLA7CzoHeSg9FPWIY6UcQRMmRBC.wDx
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 3545064
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
content-length: 33094
last-modified: Thu, 08 Dec 2022 20:10:50 GMT
server: istio-envoy
etag: "0e963aeeee70e63f5078955e6db860f3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wRsk7En8tFtVeGjHakFYkxlmaRwH4GdVjYfz3MbBPHA19TWLYfZdIg==

GET
H2 200 18.2ab31195.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 17 KB
6 KB 120ms
120ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.2ab31195.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 02:11:31 GMT
x-amz-version-id: zAXl.KaCXcAhqv65GsEJ51abgfa49A30
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 865388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Thu, 05 Jan 2023 16:27:50 GMT
server: istio-envoy
etag: W/"09e4a870348ecb960c5807c49bbf0c16"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IKLLnQt-o_LCDk-FTkQ8Cvq6D5DdaOjSVETgeG0tETP57zqdRtWlYg==

GET
H2 200 40.5fa801cd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 25 KB
8 KB 120ms
120ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.5fa801cd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 04:54:26 GMT
x-amz-version-id: AZx1zN8mxCmX9CgE5f64FVvS1b4M2Fdw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1028413
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"e7d37d5ffc01767c10d8677c65ead60b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 98jgf_8mlrJ1el26pSjV3jKyj866DwwtjhqYkD5FedBHaOZn0bQVCg==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 74 KB
23 KB 121ms
120ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:21:18 GMT
x-amz-version-id: Wk3PSQeixGqeN8TNbra_di0WEBmI.RAL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 695601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 147
last-modified: Wed, 11 Jan 2023 18:48:20 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K-I9QZXrf9fth_fZHFzsfQ0qAFdyYQwvAwyT_0TjdPApOL7KPAijxw==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 59 KB
19 KB 121ms
120ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 01:21:18 GMT
x-amz-version-id: GP3zxrl_yAzgSDcgmLp2sHu7x36eicSs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 695601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
last-modified: Wed, 11 Jan 2023 18:48:21 GMT
server: istio-envoy
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: REjXzds-kFhWWpKv2tIyxekIPUPJ5ON7I-GTWqgvf6IpKQFCeuX-4A==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 91 KB
91 KB 123ms
123ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 02:33:05 GMT
x-amz-version-id: Kj5xjyJ2S25wJnkH_L0s9F2dT11QQdqu
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 2332894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 79
content-length: 92674
last-modified: Wed, 21 Dec 2022 21:28:25 GMT
server: istio-envoy
etag: "fdee1a560ca08e3d3702e14d8f1f0b82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HyO1I6UlRMdT_65eAPxTFOXszbz2NN_3A8IzlG6kdHWhlNXKV-JRig==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 23 KB
7 KB 131ms
131ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 02:19:45 GMT
x-amz-version-id: M6aGjFv3klfPVRDkbMpJadZ6VPCCvrhv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 519294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 55
last-modified: Wed, 11 Jan 2023 18:48:20 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NnE68n_53dUYlhd-A1ULitBJ1_Hbwq48wjkKrJcySb2NP2radWw5Nw==

GET
H2 200 17.d96f5704.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 62 KB
20 KB 137ms
137ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.d96f5704.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

66bee368cd16bf0d9a64e4252953d1179f42ad9bfcae08c8abc8b46e5d304b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:30:32 GMT
x-amz-version-id: V93gkE03KYl05B16xFEHmgoK5uuFdYMG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1011847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Thu, 05 Jan 2023 16:27:50 GMT
server: istio-envoy
etag: W/"f7132278cd8921e8f42d2d92ca6e0510"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: poehdUY8RfqrYEDYiDYWouGH9PVsPt8hjjczDlZBmTBR2v4PGq6r9w==

GET
H2 200 47.9d4808ed.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 105 KB
34 KB 139ms
138ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.9d4808ed.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 08:55:16 GMT
x-amz-version-id: vKFvtmmQ2rBOzaxSMXtvPcrhzzh4VlTP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 754763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 77
last-modified: Wed, 11 Jan 2023 18:48:21 GMT
server: istio-envoy
etag: W/"dfc66008c702c40fea0587f735010013"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cZO7x9GWhvq7-F6zdPGjm3pXLPqMPiHL9AlR6YtJvjZJR8nyqmOIoA==

GET
H2 200 38.5941b51c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 12 KB
4 KB 141ms
140ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.5941b51c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 10:28:44 GMT
x-amz-version-id: 8YM30x1wKsoafwMgSlvvfHXG9ghvcsup
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1181155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"aa24724b97a516c589a05bc577d15db9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zpn0JmXKdv-I-BVwGN0gOiCHSvS8qaGHBLtqxIy6gCT-BDq2o-DCPQ==

GET
H2 200 28.190877b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 13 KB
6 KB 142ms
140ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.190877b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 03:33:56 GMT
x-amz-version-id: gwTUAeh6e8qKGyBZZ9.w4MNKI3IglI0L
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2156443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 45
last-modified: Wed, 21 Dec 2022 21:28:26 GMT
server: istio-envoy
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cHJD9TY_z9ipW-GniPBZidWm4RV90K06xBl5cYpw2rrM4Oq5kfUsvA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 17 KB
7 KB 142ms
140ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:13:21 GMT
x-amz-version-id: zOAox6Vc_Ym3qFU8f4tVTswDq7acGiGa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 955278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Thu, 05 Jan 2023 16:27:50 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PLzdVV2dOcLMN0v9EkEIHhkwsFN_AwhlWOzsBkP-hy7l6LzBVyyjOQ==

GET
H2 200 9.2f2cc2c4.chunk.css
js.driftt.com/core/assets/css/ Frame F3A7 14 KB
3 KB 142ms
141ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.2f2cc2c4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 16:39:29 GMT
x-amz-version-id: SDOQ.STtxlQaFoH.Cb_a99fOEu_ze5wP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1936509
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Wed, 28 Dec 2022 21:35:38 GMT
server: istio-envoy
etag: W/"dd670379de64b0621ee84574f3b8e73d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UZ1-3iNnOrW0YFL7MShtrVMLHmFIeaf9Lm33YHlY8GaYrI5WIzMzDw==

GET
H2 200 9.e91643ca.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 79 KB
25 KB 143ms
142ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.e91643ca.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c65c0caf65a36c8bb25dddac082d92dc2d2629132cfb0097a59424d7f6faf156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 05:11:02 GMT
x-amz-version-id: PkxB_ze.l4CQMpj9FHArmo5rlwe.11vV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 595417
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 61
last-modified: Wed, 11 Jan 2023 18:48:22 GMT
server: istio-envoy
etag: W/"7a8cb644b6f002369ea2a4288f2d0116"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LWUT6YKhddKWPuTXT9LNcTrvqlGGof0rOS_2h1lJXCB51VBj4X1paA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame F3A7 24 B
697 B 143ms
141ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 05:04:06 GMT
x-amz-version-id: Zuyj1vLGVV6fcpmOUbRryIbvGaTxPYpU
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 1027833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
content-length: 24
last-modified: Thu, 05 Jan 2023 16:27:48 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w_3NuxZZy-0unYHh74d0Tb3Kw51QVrCfFYpCDteQA827-kFKiuin6Q==

GET
H2 200 15.c27d5cdb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 84 KB
22 KB 145ms
144ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.c27d5cdb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d8b3d826f3793d2ba2223ec319df98b1791ac39660a79ce9f824baccea3a1a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 14:58:29 GMT
x-amz-version-id: 4FkT26H7ulwaiDyOkjJro9gMa_gfTwCb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 41770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 20 Jan 2023 14:19:28 GMT
server: istio-envoy
etag: W/"437f7a1623560d2ecb44d1b97213f892"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qhdu0tPV0_YPsRRaAr5WOC4lhxfp6jTXHQkOhjmfGbbPVU0hTu1ffw==

GET
H2 200 24.aad0d437.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 49 KB
13 KB 147ms
146ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.aad0d437.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3f16f9377bbdc891c58ac508c0b6ed369635927186dcdf002ab72c75e2464f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:41:57 GMT
x-amz-version-id: 8Csr.GNZxFtWpB09gDDhfqItA3etT.TR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 39162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 20 Jan 2023 15:16:47 GMT
server: istio-envoy
etag: W/"76cf2512ec41df528fd8e1ccbd0e4ac5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7_29ABjcUc8y8dTytVRzzs8BIuDxHDgce4r5XSmZyk0AlgbmFnYMhQ==

GET
H2 200 16.3e130fa5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 39 KB
13 KB 148ms
147ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.3e130fa5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6bc43b246e3dc57e4cfd968a86dfa51b38471e05ee68d1d54abc0ecb84f34c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:41:57 GMT
x-amz-version-id: j6NVo9579MgGrjLTfYADjV7bC64fHUlh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 39162
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 20 Jan 2023 15:16:46 GMT
server: istio-envoy
etag: W/"f75fbb687af43ea48a0b0b449e78118d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: STUvNMH_4nFpxT-pLa7IpsjbBIjta2wn5DvKxwiED4vZEzLoDldrwA==

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
443 B 117ms
117ms XHR
text/plain 54.243.239.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=hLcqEj_jyS_TFE6yvRCw0w&is_js=true&landing_url=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&t=Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers&tip=fpcCcufoQVcaZlSORjjvUOv7-Gs7FOz_lAQrFJWenEY&host=https://www.cyberark.com&sa_conv_data_css_value=%20%220-52d372ce-c609-4a54-6104-a40479cf090f%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9b2812e85dd6b41825f336724c640f9ee50ff076c&sa-user-id-v2=s%253AUtNyzsYJSlRhBKQEec8JD1D_B2w.MZlWfa6HesjpgfR4yOWigP%252BbcaPwz3gz1yikUpdjo9k&sa-user-id=s%253A0-52d372ce-c609-4a54-6104-a40479cf090f.cZ%252Bp7i0KWckt601bH%252FAY7eioOCT2dIZaYFs0gZCigSc
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.239.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-239-236.compute-1.amazonaws.com
Software: /
Resource Hash: dbc5a684c09f1c4fe966b2f65c9d516b79520d28870b58bcda3d83364e04b835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 02:34:39 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.cyberark.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 9 KB
3 KB 46ms
45ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 09:05:19 GMT
x-amz-version-id: HiRHmq_or95R1mfsaj8RuK5ClQLvRN6p
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 3346160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Thu, 08 Dec 2022 20:10:48 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K7cC3299tnGxczy2-rgnRbN5NpnQYCyJ0sqjIRiDTRl4Ng_TKXAnug==

GET
H2 200 26.64322869.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 35 KB
10 KB 48ms
47ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.64322869.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bc239bcea412c55851ac6940a5a87baf775d3fb1a21423eed175e03e90774c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 08:26:05 GMT
x-amz-version-id: 0LSsVdlRCAokOBhM8TlS3ZFvtE8XCK0h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2138914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Wed, 21 Dec 2022 21:28:26 GMT
server: istio-envoy
etag: W/"744c4be1daa9277dcf54fdd19ba78200"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qqq-TtJxZ2jP9VX0_KPb_a8hay-OBqFt7bFeq1ERRmnvksPc54qXxQ==

GET
H2 200 27.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 8AA7 8 KB
2 KB 47ms
46ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 06:16:21 GMT
x-amz-version-id: r6ei6Lah6rNt9Uz6dqVNVzIy1gzA7ks4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 245898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Tue, 17 Jan 2023 19:40:47 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cnXdQp8NALBui9MobG6J8XMzJynomMTUjBfViVTeG7NHXS_J_fqe7A==

GET
H2 200 27.4f62ccd2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 14 KB
6 KB 49ms
48ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.4f62ccd2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4b7fcc71f2345201fb332e802b071e396b05623d04d410bbc6f4b010c673f3bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 19:08:44 GMT
x-amz-version-id: OFj0CSJy_gjfV2IG5oyDRgWgTcN_K8Go
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2100355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
last-modified: Wed, 21 Dec 2022 21:28:26 GMT
server: istio-envoy
etag: W/"498de99279f37cba21c25b932e3787a3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5WHu1NU7qdP0VLGS05qjwcKEfDHPDub4-G_WThLd39qssmsXsNLb-Q==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 8AA7 365 B
1 KB 46ms
46ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 02:30:51 GMT
x-amz-version-id: dAiRwrFoYVrZmVL_REtHWuHwAp5QnmMI
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-C2
age: 86628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
content-length: 365
last-modified: Thu, 19 Jan 2023 21:26:21 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tXPpSnDdYmio7XtJ2p4J1KGZ1vtQLuErj5M6MSXq11-hSC0yYNphag==

GET
H2 200 19.6cfbb4ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AA7 92 KB
26 KB 49ms
49ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6cfbb4ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6171fc4bb1b01b1690900b75cc430cedf22eeb80cb803a012c189d1c934e3c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ey22i6m9p82y&eId=ey22i6m9p82y&region=US&forceShow=false&skipCampaigns=false&sessionId=9528801b-ffc0-4558-95ad-843df642fb32&sessionStarted=1674268479.238&campaignRefreshToken=3f81faff-8c98-40ca-89e7-fa124f55de68&hideController=false&pageLoadStartTime=1674268475215&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 14:58:30 GMT
x-amz-version-id: CEIslmsJZSe7cea7kOJkOpwH043YHmFS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 41769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 20 Jan 2023 14:19:28 GMT
server: istio-envoy
etag: W/"27094f59fa05480a3625851513658215"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mBl5btHOkU3chPxbyOBAGndVMLYVGqRJ9u4hcoxPCacLm5y95WbCqw==

GET
H2 200 35.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame F3A7 3 KB
1 KB 45ms
45ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:21:15 GMT
x-amz-version-id: hV7.1M4juTJV5aSAnH_OBJKbgtiIXDvv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 4404
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 20 Jan 2023 15:16:44 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N49JeZ2M7u-NAH7JQWLnF0tGYFDXGFNLPg94vVuNy88tKV7nacH6Hg==

GET
H2 200 35.438351b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 3 KB
2 KB 46ms
45ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.438351b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d3c4b1d1abee7af1529758460c464a8721f281dfc899159dc36f521534d53fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:13:22 GMT
x-amz-version-id: 95xRKNGGpPw1n3dTllipqxdjF9cZ1IC.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 955277
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"6d42b26d199471df6876d34dd3714424"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RNnHI5x3D3tiFjBjYv8PXLh8fPdO6gx1WL6JqtfsxT4f8jW9gKjFUg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 9 KB
3 KB 45ms
45ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 09:05:19 GMT
x-amz-version-id: HiRHmq_or95R1mfsaj8RuK5ClQLvRN6p
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 3346160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Thu, 08 Dec 2022 20:10:48 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _mETSdyoSznLyWnYPFLzixj_yIy-JhyKeoq6L6ukHgUrgSs7bcdBkQ==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame F3A7 7 KB
2 KB 46ms
46ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:03:55 GMT
x-amz-version-id: cLzhtaoyHBY3wArkFjIQo58tr5JO.o0k
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1380644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 29 Dec 2022 16:49:54 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Sv0cPEynWOCVDptalY8FoaR3AK4CD2V8z9ijoHWZFwg-5aHC7gTiQQ==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 54 KB
15 KB 46ms
46ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 02:22:28 GMT
x-amz-version-id: XjyDJs7tJQ_66vN6EdQbFkXQ4j4BABRH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 519131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Wed, 11 Jan 2023 18:48:21 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kkjAGfQlaTNDZy9alq8Db6aSfZ5byOts_R_nMmWoODJDvgBGyNwb2g==

GET
H2 200 1.fbdab3a3.chunk.css
js.driftt.com/core/assets/css/ Frame F3A7 43 KB
7 KB 47ms
46ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.fbdab3a3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b22a1ebdf9aecea6f73860db0e9d184d96d28d85196efd42cfae5d8d0f103571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:13:23 GMT
x-amz-version-id: bRByhlU6EXI7PfCHRQWSzsDFV7IfMm0s
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 955276
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Thu, 05 Jan 2023 16:27:48 GMT
server: istio-envoy
etag: W/"6eae9d8917505f7858dc56cf0731728a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BBFtFDoqxftP4x3uhu5Pr9g3WmAbod4b0NVH8vUoP1yEpAmWXxaDjw==

GET
H2 200 1.2e27d274.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 73 KB
25 KB 48ms
47ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.2e27d274.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6aafe4dc4321bce762f863ce88aec5f7d4ed705477478be6510b0c2a48ef714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:30:33 GMT
x-amz-version-id: YP4H6IMt722Sq5p_XmT4_7uAnZ8w86mq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1011846
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Thu, 05 Jan 2023 16:27:49 GMT
server: istio-envoy
etag: W/"a6d0fdb505a88f9c55049ebe66d7667a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JHNkKfNTo_hkZ4JbTuJ8QHRNbB8n92lTu5DAqlSQColNQR376OXcHQ==

GET
H2 200 32.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame F3A7 14 KB
3 KB 47ms
46ms Stylesheet
text/css 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 02:30:51 GMT
x-amz-version-id: 4vkuWGT27IJfDq1PHR.H.ibT7nFJM5Dk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 86627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 19 Jan 2023 21:26:21 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -3yKAzSQy8tRB5mF9LS33vkOxBWlKcblA-1CGaCJPSXYdp_qHeq-kg==

GET
H2 200 32.5f11aa12.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F3A7 12 KB
5 KB 48ms
48ms Script
application/javascript 13.32.110.22

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.5f11aa12.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.770f2291.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.22 , United States, ASN (),

Reverse DNS

server-13-32-110-22.vie50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

73b7536c82d23bd8bb1f28778009d16a26c9bb7624a3caf41289284aa33d54d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1674268475215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 05:07:21 GMT
x-amz-version-id: UmNeOKkk6k0Q77m5wmad_AIf0Wuwx7yw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8ce530783de74227d43f4646291541dc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 941237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: W/"77aab2343a041aad4aea245e60cde53f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q-Az6fOcpE6olKe6wyi5uhB7r5B34A7N7RzKgxQ5mpb8tOPGSB0ajw==

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 8AA7 162 B
259 B 121ms
121ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/49.b6336d11.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

b8f62e67333c47bda5644ad6c9a9dbfb884daca66790d3a5ce391315219381e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 21 Jan 2023 02:34:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 2b6981271875c92b
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 162

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 418ms
120ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sat, 21 Jan 2023 02:34:40 GMT
requestid: drift619121241a2ad9071e001c462cf
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 253ms
253ms Image
image/gif 104.96.140.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=7fc59efc-e6c9-4e58-81b0-0ad3428221f1&session=7d0d9156-7582-40a2-80b2-15cfa03deea9&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A38%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%2C%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20(Razer%2C%20EVGA%2C%20MSI%2C%20AMI).%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&pageViewId=df1a54d7-ae8b-4d9a-8524-6ca90f5650f0&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-140-70.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:40 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 254ms
253ms Image
image/gif 104.96.140.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=7fc59efc-e6c9-4e58-81b0-0ad3428221f1&session=7d0d9156-7582-40a2-80b2-15cfa03deea9&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A39%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%2C%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20(Razer%2C%20EVGA%2C%20MSI%2C%20AMI).%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&pageViewId=df1a54d7-ae8b-4d9a-8524-6ca90f5650f0&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.140.70 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-96-140-70.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 02:34:41 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web-analytics.engagio.com
URL: https://web-analytics.engagio.com/js/ei.js

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=059bf2ba2b88e39bb3200769d2e411fc&svisitor=null&visitor=7fc59efc-e6c9-4e58-81b0-0ad3428221f1&session=7d0d9156-7582-40a2-80b2-15cfa03deea9&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2021%20Jan%202023%2002%3A34%3A40%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22TL%3BDR%20I%20discovered%20multiple%20bugs%20in%20OEM%20vendors%20for%20peripheral%20devices%2C%20which%20affected%20many%20users%20of%20these%20OEM%20vendors%20(Razer%2C%20EVGA%2C%20MSI%2C%20AMI).%20Many%20of%20the%20vulnerabilities%20originated%20in%20a...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Inglourious%20Drivers%20%E2%80%93%20A%20Journey%20of%20Finding%20Vulnerabilities%20in%20Drivers%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers&pageViewId=df1a54d7-ae8b-4d9a-8524-6ca90f5650f0&an_uid=0

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/af	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
www.cyberark.com/	1969-12-31 23:59:59	Name: _MGZ_ Value: bn4uto4ltlloaek8nfer84kd15
www.cyberark.com/	1970-01-20 17:50:04	Name: pdf_event Value: WyJbe1widXVpZFwiOjIxNTY3MjE3Nzh9LDE3MDU4MDQ0NzVdIiwiMGM4NDNiMDFhZDhhYjlkYzM2ZDI5YzNlOGJlYzczNTMiXQ%3D%3D
.www.cyberark.com/	1970-01-20 17:50:04	Name: _ufav Value: e62ab9d33c604776b37ab45b065b083a
.www.cyberark.com/	1970-01-20 09:04:32	Name: _ufas Value: 60f5fc112a4740aaadfdf6aea44e0c6c
www.cyberark.com/	1970-01-20 09:04:30	Name: ufentry Value: 20230120.220435
.cyberark.com/	1970-01-20 11:14:04	Name: _gcl_au Value: 1.1.2116949763.1674268476
.cyberark.com/	1969-12-31 23:59:59	Name: at_check Value: true
.cyberark.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.cyberark.com/	1970-01-20 11:14:04	Name: _rdt_uuid Value: 1674268476448.e8902e4b-f870-405d-bf13-b52804916fcd
.cyberark.com/	1970-01-20 18:40:28	Name: _mkto_trk Value: id:316-CZP-275&token:_mch-cyberark.com-1674268476452-35014
.cyberark.com/	1970-01-20 18:40:28	Name: _ga Value: GA1.2.1566863634.1674268476
.cyberark.com/	1970-01-20 09:05:54	Name: _gid Value: GA1.2.1835699087.1674268476
.cyberark.com/	1970-01-20 09:04:28	Name: _dc_gtm_UA-44168172-9 Value: 1
.demdex.net/	1970-01-20 13:23:40	Name: demdex Value: 21656947488603019214280704014013884097
.cyberark.com/	1969-12-31 23:59:59	Name: AMCVS_9AB97041603F3EDB0A495C66%40AdobeOrg Value: 1
.cyberark.com/	1970-01-20 17:50:04	Name: _hjSessionUser_1200039 Value: eyJpZCI6ImE4YzE1YjUzLWRhOWEtNWMyYi1iZDcxLThhNTUyYWIyZGFhOCIsImNyZWF0ZWQiOjE2NzQyNjg0NzY3MDUsImV4aXN0aW5nIjpmYWxzZX0=
.cyberark.com/	1970-01-20 09:04:30	Name: _hjFirstSeen Value: 1
www.cyberark.com/	1970-01-20 09:04:28	Name: _hjIncludedInSessionSample Value: 0
.cyberark.com/	1970-01-20 09:04:30	Name: _hjSession_1200039 Value: eyJpZCI6ImM4MjRhY2VlLTk1OGUtNGY5Mi05ODc1LThkMzY1OWNkYTVmOCIsImNyZWF0ZWQiOjE2NzQyNjg0NzY3MTksImluU2FtcGxlIjpmYWxzZX0=
www.cyberark.com/	1970-01-20 09:04:28	Name: _hjIncludedInPageviewSample Value: 1
.cyberark.com/	1970-01-20 09:04:30	Name: _hjAbsoluteSessionInProgress Value: 0
.everesttech.net/	1970-01-20 17:50:04	Name: everest_g_v2 Value: g_surferid~Y8tPPAAAALVIJANn
.dpm.demdex.net/	1970-01-20 13:23:40	Name: dpm Value: 21656947488603019214280704014013884097
.cyberark.com/	1970-01-20 18:40:28	Name: AMCV_9AB97041603F3EDB0A495C66%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19379%7CMCMID%7C15119802776783149563575198902690001260%7CMCAAMLH-1674873276%7C6%7CMCAAMB-1674873276%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674275676s%7CNONE%7CMCSYNCSOP%7C411-19386%7CvVersion%7C5.4.0
.cyberark.com/	1970-01-20 18:40:28	Name: mbox Value: session#9957535d95004e8c98a42a66d5e9960a#1674270337\|PC#9957535d95004e8c98a42a66d5e9960a.37_0#1737513277
.cyberark.com/	1970-01-20 18:40:28	Name: trwv.uid Value: cyberarksoftware-1674268477148-0c46393e%3A1
.cyberark.com/	1970-01-20 09:04:30	Name: trwsa.sid Value: cyberarksoftware-1674268477149-565d68de%3A1
prefmgr-cookie.truste-svc.net/	1970-01-20 09:04:28	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 09:04:28	Name: token_test Value: Sat Jan 21 2023 02:34:38 GMT+0000 (GMT)
.go.affec.tv/	1970-01-20 17:50:04	Name: ck Value: 63cb4f3ee2f43b0001360d44
.go.affec.tv/	1970-01-20 17:50:04	Name: oo Value: 1
.cyberark.com/	1970-01-20 09:04:30	Name: gpv_c51 Value: https%3A%2F%2Fwww.cyberark.com%2Fresources%2Fthreat-research-blog%2Finglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers
.cyberark.com/	1970-01-20 09:47:40	Name: s_nr30 Value: 1674268478805-New
.cyberark.com/	1969-12-31 23:59:59	Name: s_cc Value: true
www.cyberark.com/	1970-01-20 09:05:54	Name: ln_or Value: eyIxNzkwNiI6ImQifQ%3D%3D
.doubleclick.net/	1970-01-20 18:26:04	Name: IDE Value: AHWqTUnUrZlOHUyTBikRwSg_dn-xVbFehY4KO1LE1lleuM4f2ep97wXfPzGAK2jPEaM
.adnxs.com/	1970-01-20 11:14:04	Name: uuid2 Value: 3128115332636874623
.cyberark.com/	1970-01-20 11:14:04	Name: _fbp Value: fb.1.1674268478899.2100670642
.quantserve.com/	1970-01-20 18:34:42	Name: mc Value: 63cb4f3e-dad0e-ab93a-49d1c
.cyberark.com/	1970-01-20 18:28:57	Name: __qca Value: P0-1100568785-1674268478694
www.cyberark.com/	1970-01-20 09:14:33	Name: _an_uid Value: 0
www.cyberark.com/	1970-01-20 18:40:28	Name: _gd_visitor Value: 7fc59efc-e6c9-4e58-81b0-0ad3428221f1
www.cyberark.com/	1970-01-20 09:04:42	Name: _gd_session Value: 7d0d9156-7582-40a2-80b2-15cfa03deea9
.www.cyberark.com/	1970-01-20 17:50:26	Name: __adroll_fpc Value: 2c2072efc0f4e42fcbcc74efb96652fb-1674268478981
.linkedin.com/	1970-01-20 09:47:40	Name: UserMatchHistory Value: AQLOkB0xGutFOwAAAYXSLY3PgDastfPmsAgbbP55RPV3v7StFiABNI5jZuDkiUsUYMq3cBmuDNR68A
.linkedin.com/	1970-01-20 09:47:40	Name: AnalyticsSyncHistory Value: AQJmwK_Be6A__gAAAYXSLY3P9vg1szpNa_oedoJwtm95J93JUbi0b50cBHyCD0vWGL8nrnhWcFwk01AqUWb-bA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:50:04	Name: bcookie Value: "v=2&f2964a5a-e9a5-4bda-835b-6fa8da1f27a5"
.linkedin.com/	1970-01-20 09:05:54	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2467:u=1:x=1:i=1674268478:t=1674354878:v=2:sig=AQFiRPnlq-WpqH-ClXbKNxiJVO7z6n0N"
.go.affec.tv/	1970-01-20 17:50:04	Name: pt Value: eyJhbiI6eyJkdCI6MTY3NDI2ODQ3OSwiaWQiOiIzMTI4MTE1MzMyNjM2ODc0NjIzIiwibHMiOjE2NzQyNjg0Nzl9LCJ2IjowfQ==\|1674268479\|c55dbfc57f9ff4024848f8cd1dc0eeb50c7f63c1
tags.srv.stackadapt.com/	1970-01-20 17:50:04	Name: sa-user-id Value: s%3A0-52d372ce-c609-4a54-6104-a40479cf090f.cZ%2Bp7i0KWckt601bH%2FAY7eioOCT2dIZaYFs0gZCigSc
.srv.stackadapt.com/	1970-01-20 17:50:04	Name: sa-user-id-v2 Value: s%3AUtNyzsYJSlRhBKQEec8JD1D_B2w.MZlWfa6HesjpgfR4yOWigP%2BbcaPwz3gz1yikUpdjo9k
www.cyberark.com/	1970-01-20 17:50:04	Name: sa-user-id Value: s%253A0-52d372ce-c609-4a54-6104-a40479cf090f.cZ%252Bp7i0KWckt601bH%252FAY7eioOCT2dIZaYFs0gZCigSc
www.cyberark.com/	1970-01-20 17:50:04	Name: sa-user-id-v2 Value: s%253AUtNyzsYJSlRhBKQEec8JD1D_B2w.MZlWfa6HesjpgfR4yOWigP%252BbcaPwz3gz1yikUpdjo9k
.www.cyberark.com/	1970-01-20 17:50:04	Name: __ar_v4 Value: %7C6RJ2KCUITBBDPLKE34TVGK%3A20230120%3A1%7CYLIX5GPR6BEUFEKQO55F32%3A20230120%3A1%7CUF4T22HPEREY5HIKIANYD3%3A20230120%3A1
www.cyberark.com/	1970-01-20 09:04:30	Name: drift_campaign_refresh Value: 3f81faff-8c98-40ca-89e7-fa124f55de68
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:50:04	Name: bscookie Value: "v=1&202301210234399c2e9c4d-af7c-4dfc-81c8-d27d12098d95AQGWO-dGNNaNTKro4nHIYfs0CzeKdEiq"
.linkedin.com/	1970-01-20 13:23:40	Name: li_gc Value: MTswOzE2NzQyNjg0Nzk7MjswMjGv3dWwghfko30gW6hskFZELhAu7Hep7kMFgFp+10YjAg==
.adnxs.com/	1970-01-20 11:14:04	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2IldheOBr!]tdE8i_ipexoDI?dMM^]U<ws]DZFr2F>DM[X2-SLf$0s6FCNYW+L)(EV$E29B5)UhP]DKBIjltDH5xTD._PlZ[C[-kX-8xzc$
.6sc.co/	1970-01-20 18:40:28	Name: 6suuid Value: 645b6068212100003f4fcb634301000090e40a00
.d.adroll.com/	1970-01-20 18:33:16	Name: __adroll Value: b70b67b0240217f1d53dd93fb154634b-g_1674268479-a_1674268478
.adroll.com/	1970-01-20 18:33:16	Name: __adroll_shared Value: b70b67b0240217f1d53dd93fb154634b-g_1674268479-a_1674268478
.bidswitch.net/	1970-01-20 17:50:04	Name: tuuid Value: 195463ce-eb71-41be-a6aa-ea728109cc94
.bidswitch.net/	1970-01-20 17:50:04	Name: c Value: 1674268479
.bidswitch.net/	1970-01-20 17:50:04	Name: tuuid_lu Value: 1674268479

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://web-analytics.engagio.com/js/ei.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
worker	info	URL: blob:https://www.cyberark.com/3b56d226-f1eb-4131-9e27-a1855b3bc701 Message: [log] > Debug logs enabled for "main"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://www.cyberark.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

316-czp-275.mktoresp.com
9920016.fls.doubleclick.net
adservice.google.com
alb.reddit.com
assets.adobedtm.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
cihost.uberflip.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
content.cdntwrk.com
cs.choozle.com
cyberark.demdex.net
cyberark.sc.omtrdc.net
cyberark.tt.omtrdc.net
d.adroll.com
d1eoo1tco6rr5e.cloudfront.net
distillery.wistia.com
dpm.demdex.net
embed-ssl.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
go.affec.tv
googleads.g.doubleclick.net
ib.adnxs.com
in.hotjar.com
in.ml314.com
insight.adsrvr.org
ipv4.d.adroll.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
map.go.affec.tv
match.adsrvr.org
ml314.com
munchkin.marketo.net
nexus.ensighten.com
pipedream.wistia.com
pixel.quantserve.com
prefmgr-cookie.truste-svc.net
px.ads.linkedin.com
px4.ads.linkedin.com
rtp-static.marketo.com
rules.quantcount.com
s.adroll.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
sjrtp6-cdn.marketo.com
sjrtp6.marketo.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
tags.srv.stackadapt.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
web-analytics.engagio.com
www.cyberark.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
b.6sc.co
web-analytics.engagio.com
104.17.192.105
104.76.156.190
104.96.140.70
13.107.42.14
13.32.110.22
13.32.110.53
13.32.110.74
142.251.39.70
143.204.205.113
143.204.215.47
15.197.193.217
15.236.117.205
151.101.1.140
151.101.194.133
172.217.23.98
18.200.4.79
18.203.152.154
18.66.15.28
185.89.211.116
185.89.211.132
192.28.146.116
192.28.147.68
2.18.79.138
23.45.104.85
2600:9000:206f:3c00:12:53a8:95c0:93a1
2600:9000:206f:aa00:2:53b2:240:93a1
2600:9000:211e:7a00:6:9280:1080:93a1
2600:9000:223c:9400:6:44e3:f8c0:93a1
2606:4700::6811:190e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
2a00:1450:400d:802::200e
2a00:1450:400d:808::2004
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::2002
2a02:26f0:11a::6867:4832
2a02:26f0:e300:182::1c91
2a02:26f0:f700:495::1e80
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::622
2a04:4e42:600::396
2a05:d018:cc3:fe04:e2c0:2f19:6496:9fa8
3.126.56.137
3.208.35.2
3.248.94.213
3.33.220.150
3.84.64.118
34.111.234.236
34.240.159.52
34.249.28.111
34.98.64.218
35.173.174.179
44.195.150.192
50.16.7.188
52.28.17.51
52.48.61.43
52.51.77.206
52.86.41.54
54.243.239.236
54.74.252.81
65.9.66.111
65.9.66.24
65.9.66.38
70.42.32.63
99.86.4.35
01b67e0c7d556790fb010f16a6ddabcf05d483d00da56038aecaf0c10f1980eb
02e31622ca3c0fce95822a726c4f6b16b4bf328bc5b87e03be98c2ae3e2cb531
04d96cf54024c67fd5b5fbeae19cee6344c440d7fa2c8c86fa794c252edb95b2
08330120c6d9d4407fd599bae49187289878c557ed68e58d0e091fd5e1ac6c7f
083d618c7c2c89cc42cc2a72714ca19c7e4af3d0f164e17438194e5bd5761cc6
0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669
0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
17206f4499dd2435940bc7e63e172af5f0f4c7a4286824ab62beb1ceec91e469
187dd959c1c8b5b67dd697aa19ebe24c0973eae61cc3f93baea8f91220b72e40
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1949ac2a3a7c887bead8687abd67fb1a33289922d0d7b081c797353d1cba540b
19871f24c2b42833f98f404c3f404c0cbc99f02c70e590303e9f269948d2a056
1aa7996197b13bddd9d45a179b5943219fb646007061d4b9209bdbd8c9aea142
1ba3a74eb74823f80c522391734fdeafebfbd2f284167568ad17e7d44b1618e3
1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429
1be31c2c4c8bd1e567f7bde710f337602c914ffe40db1bff9dc2c41969ae54a6
1cb2a3ed712d8fcfa64505237ae54ffe9f2f5d293f371f40871d830891568b88
1d9cb39b6e93354c4241847929865a91337d62693bc87311eae2ef9bc7e01783
1f150486021d4182821249f13273a7a87862756e2b021e3d19121aaae6a2e09d
1fb7ee27fdfb34869f89aa51d9af1cf86ecc6800ab591ec3ca78f155742200b2
1fd56a753d2fc5aa18fc391ad597ad008c5c5a3c1af0c9c55e9294271ce4bc95
20997bd3984886e845f5a5e0d036f9808a5e30051f219705ef4e6ef1ef1b0f55
21c82b84add5c4948d4fa5e93cc10f6492e887bff706885aeb1efd29bf401a3f
224e4e013b7071882a4bb3f069b88294e85f1638cfdf8b557f2d62eaed0db93b
234f5e6b36c41a209c87e64949d11927b6360603b94ce3511c53df5bac0f4c26
24722df55f91d8e7328775aef459d5a69662d085cffa6a17341edbf0254c2a7b
25037e6b7c282bb93eb40d6af413e84acd76dd8a264ccfae5f71d910eb5a1035
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
272a132751b16a1ce104fd0f7de7a260ea51361ba0bb2fee6b858977b87ff15b
278cd45917f5fee0e5710b34f2c03a3652544fe5a6ccea56cbbd0bd7324bf5e7
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2ad83efd3b3987100da97f634d1cf0f23ba332b8ecb510a2af3883d224272216
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b
2d4305f2966b852ff429b31bf755d230a8dc4dc05891db275004a08fc4c55b29
2f5f9d511700318e988d3ef843afc49224162c8bb2435db7b9dc3590f525306f
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31df833090601f4d9362b74159cf6fe7a5a6790766873bf468bfc218a4fd716d
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
3decbe1c69b0f91d975610f54b2615be61a887c20f8ade1049be9743168198aa
3f16f9377bbdc891c58ac508c0b6ed369635927186dcdf002ab72c75e2464f1f
3f479a0a0d8937b79d478eb59937173685183cacef605a47516d33d93f667c82
41164ecc4643a94f1881912ddca649032a58a93bce844370c8e6369dbf246d7d
45aca110620ac12009925cac1e38aa4e71426a2b83ee7f356010069b45539d56
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
489eb2769765657c9325f65117f5c7b87ffc4eab547622608c12c8f6fd60df1b
49bdaf43b043fdd5e79f321a889502b341e83fb3d71caa9ec286369bcb205373
4b3a91da9161ab8ad49abcb2c9da8997c8f6c400c12468519614dfdfb41f4ef6
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7fcc71f2345201fb332e802b071e396b05623d04d410bbc6f4b010c673f3bf
4bd0910a578e8549460dccbd0833d03cf0f7329c86b5e8dd7b554262656a3757
4c1ba239941c5018015ceb57916a5983ea6505b50216aefb817ccfb94654a339
4d5d1ed19c5edb1e57229499d407de174ba80ee3dac4a8b163961e83524b51a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4edf0ada23eca10e2faf4439d6e230c01298e29fe968cf900110ffcf85293335
4ff40eab01b7a3a6dd59b4c127cc6df54e33e484ed6c7b0fd62299ee12735604
52648e1d82bb4c16291740b411bcc0315a4bb9972046db0fe37d25d73c564e31
5400f5efeb9aeb52584dd4192d59ee085d45455af8532bf560f8aa2f2decebbc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5567c5a47f8bbd27707bd2cffdb1679c292a07ccf09a8578e1b9eba7ab481cf3
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59a6841161dd1701535e2664d512b449cdff28e6217f933f2e051700d237a7a4
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5d7d0628ed102d5bb2818efefd0635a8bb89281c58c0b6cd0b21ca1dd8b2c4d2
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e240679c3215c840cf754104fe7291c77f2f52ad551c95e8c8364d0124938ec
5f4da56894f714e58e6b742f6fda5f2153b3873c2b8cb14be8656394ddceb060
6151f62c314340a55f5cc5fb650538f2325f9516b69da4e3feb300515fc4072e
6171fc4bb1b01b1690900b75cc430cedf22eeb80cb803a012c189d1c934e3c37
61838330d2211d4b7e34d44ffd868f8206b7849df31c81e678391a36d603992d
62738b62849a46842f34013b8528886f10c8d0e1c9aec47d636e05d631e2f60e
62eb2106959f57e67d6a5209dc51af437b7b61a4256fd93b1a822e4d606ef9ce
634358d77171f485bb1738fce1bf1e715e2cd0a94b2c4f3d5c6dafccd0d1031a
6619ef277249ca9230cbc0315da9b41caa9f15996d143f7d1a77d52d901ce269
66bee368cd16bf0d9a64e4252953d1179f42ad9bfcae08c8abc8b46e5d304b24
66c708b80cab108a2fde84cac9677c07435537bc9d06085ccd1ac80cb93513b4
67e2f25233ffe02ea0a70301e7440e6371d8943ca3f759b1d128b590e7e9419b
68ce765660c81dbd7a18f42d7d41480f695a345e7ea9581b6acfa9ba3339c657
6aafe4dc4321bce762f863ce88aec5f7d4ed705477478be6510b0c2a48ef714e
6abf92ff9e0a1a724a6ed538868622935bbdc1d415f37307b9e4daa7b3934365
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc43b246e3dc57e4cfd968a86dfa51b38471e05ee68d1d54abc0ecb84f34c8e
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
6df07acc4226892a09f5d94cfb28cd6f560b073f5fb5e4060fede31cba893989
6e6098f9e4e64f667bc006876813632d5ac79ac56e5284a95c9c821870907cad
7017acd2219db2073793fed0fe5cc1c96ae4f1883e9abebf4e0cfaf73474843c
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
727f7329c8911115e5a8991cc12a421ac0d22c761f2f2c737d8e7be425c5ea7a
7295944e0067d71c5d5276d397dc0299afb519f277ba644aec0b96343e4185d1
73b7536c82d23bd8bb1f28778009d16a26c9bb7624a3caf41289284aa33d54d7
74935268619be1f087ce67765abd72f80107125f23b346f7615cc9e6a19d4595
759a08226cc8d5a5a89c64b7f814457ee6191384f30e4dc9cd123aaf279003fd
76b378075dc07b1caa45424756cca2440fda08f8276c814effd5c738409fa06d
7b0e7a4bdf115afb8e8c5b9b671b0dc4441236f8cf56906d146b7d46a0ee14a8
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b7012dcb12ee2f3b165215c4766a7d393c8ca3e3da7a0621f4de062769ccf60
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bef3f52ec80a7a2cab79fadfca88294e4d11ffc66e70e2ca700ef91ee5243d2
7c3041e7194f567de48487d326ebaf940f0caddb9983843a50ba63238eb0e545
7ef8a267de455c3a72237bf7db0c97c97e35e52452ff9ece15876d0d60f9c0e9
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c24cdc38d0e64c40ade6b6fe8aa3d935b7bb9daa553242aeb78b0a9a187fc0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8605ba9973ec0ff450733faf2d77e8e07fa354bc4c0f6aff6c41c5e4c25835bb
860b18e91a3582792f23c9b2c9dbd64036c5545777e8bdbb81e6e76d2a926e4e
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
88b4bd1c3c8e9af6516b562e9679955ff48479ee6a5771e97ef425d1c5425e1f
89275a1c66640733265b5be89864b6daefef1cc3f275566dd8fd29bd66601a83
8a666e79762f97b3af716f2544db7f005cc15d9011f1785129d331afec795b11
8a8fe0b9ebd6a7ef7e3aa76cc9696d89bb0f2a283c901c5f57531e5c46c51ae5
8aab45b2e3226eb83ceed37f3f622529d0a6ca0a82d8dd9a4d1fb8e46ba84f83
8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421
8af2cabc88dfe421769b70cbedd304bf081a290d9772767243b519ed867381cc
8b1e83dd093959871fe51f8e92a15b1f1e7dfc2d6da057aabf418e7f8d1798c6
8bcb1671142844b9c10b5247053d513b9110ad9e3ad7ec0b751d42c977611f83
8d2d9ec1ad59ec589ca38cad46c0c16cd28329394e5928aea4e0f73dab2f3d54
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
91b7152c2708e116677591b018f23ed2910c747e932f8985b704f1884d807990
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93e2856e540b7faf4767d1291492324c43994be69562b8d1d9be07de8e2e40e4
952f35790a58d6c58cd01db0b7994f8b1e3f2d4328f8dd2ed423c01579d403c6
981b9a832bf924341ec53901dafa787b10ff3ce3dab6a4eb5808cc08b467752d
9880b1057df4dc2ce1fc004ef4a595c36bb258deb902610a945938196df166e2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e70999bd0ed2afbb2967ca63898c752fc3e66ba8a86a4ac341723be85bb7319
9ec4ac872efb979ad2e4987aa9894a8892a6f112651b0153b4bb51182e8d2298
9f8a9da5e34be1cb7e9f5e99e82b6cb66eb9d84ecf66bef10ef06ef0f9321fd3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0da3cdc4c400e5e5030c733b68bff8fddc8c4c82c2432330fa8cb858b16bd85
a117f36dba1eb2100f340bb68f3cc4d4c04d50d8a1d61c36a5d0a682aed9d362
a249bcffb2d8e92a3bdff919def43b14841803ad93b80ffa864db1090e007594
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a35f66e3c735f802aa18c069ed416ba8d2a7acd10e6c03d0d39af2cd1d2ec95a
a36681fe4fd06eb0856952cddb2047065db39f00e819dbf0e9715540083f8198
a654dbffdb656aacce15df139a6d2701ccae809fe7baab1ec042714bb6336eb9
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a966b18676fb1cebffcfc36906e05cb7935d4d1fe3ce5f7ec55bec4cb362b12e
aa1ea74fd5779b1a6348efd60cba5b6c915a1ea30c23b0be6dda90365fc59aeb
aa2a619cb70a41c4837eddb7d788c83c99cf6a56904708ade91ce406ace57d15
aaa5f0de6b862cd28ade79a2cf7dfb8c698695282e6045de51e0fb90cbb9e79d
abca0004f2960ea162b161a82240a139fce6012733a76f3859febb9bed38b420
ad77ef992551ab70247b298cbc7c013a4cc763fbfb9d04596ef1ef54ce476e3c
aee1270927189f76c8f68d401d8036ab7ea1a0e0315340c397f966fb33a81769
b014e4d5562d444e36750cc30291deded03d12aa2ed6680a65129131577aef4a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22a1ebdf9aecea6f73860db0e9d184d96d28d85196efd42cfae5d8d0f103571
b313ae8061f28844dbe89cf342e814be6d36a3668c784c2f45a78e33fae2f9da
b4cfcb4d356ea5804502849bcafd4dfeb016947ea9a5f3702a2dc18faebe8d54
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8f62e67333c47bda5644ad6c9a9dbfb884daca66790d3a5ce391315219381e4
b96b944dbdb9c2afcdecae184e3bdc4717c30dc4f5d4624cfd1727461d6569fa
b98e0f76f97857fce1b3fbd8e9ed5775988e85fffd71dcc2422f8d012378ea34
ba63c7b71a9b46dcc6f157c0daa6e0f466e9eff0fa3c8a3310468dd31e2c72d1
baba8eacc7c69190a86365e6b229f270cd40c6f145b7d893422134ed156051c5
bc239bcea412c55851ac6940a5a87baf775d3fb1a21423eed175e03e90774c64
bce0acb7f0d34254c36e6e863f5709da68f3f40b5cccbe82488ff3fb20520998
c1a87e347886909899de64e8667abecd68cb24424d37da180ad938278a80e070
c1cd0852f3077f1b059e16529d8de16acb490990d6cb796dd74873de0bfd8a91
c31420493d6eb30dc84e63c79a997a5caeafdde0574b0a342c415bfd627b2d1a
c36238e5b009180cc921c5ba2ff09f131309a6d81eddb7ee4d882c79f75f48d1
c4075c29ce6b37940eff3682e883612aabc2b78e8ccfa4b9af84b9a90e4a7470
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c5e0f4cb831d8219ccff688e5914dfe2eea6debc95ecb8db552a982cec6c4857
c65c0caf65a36c8bb25dddac082d92dc2d2629132cfb0097a59424d7f6faf156
cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa
cd2f6642d9c618ac73dedc1b90c09f5d8d2652130b858758afa695b96400597c
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3c4b1d1abee7af1529758460c464a8721f281dfc899159dc36f521534d53fc6
d4761d421bbf2f059126b9ce4f5e0a9f7bc83b046a58162780a2b9c3ab8c9a56
d5c1ad551c121bee3ab5ec67df650f929a74368057152d6c09a12c6df0651dc6
d7ead427aca51c227410c4595b49b48dde8f9e76864b4f3fcb32861034b0c6a2
d8b3d826f3793d2ba2223ec319df98b1791ac39660a79ce9f824baccea3a1a0f
dbc5a684c09f1c4fe966b2f65c9d516b79520d28870b58bcda3d83364e04b835
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcee21aa7ca5c164fc73537c0235e71d165102e22d1ea525879e559ac37e9f3b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dffa6e6a38300a852e2aa4560d19701e2daf9fafaf5efb7d20297712c8d1a013
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
e2007f491cf8805ceb2604c0b9aeb1adc383791b679f523665fb75a8aad1ea1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e4a2f7df63f5cb2b8b32c273ccb004e43c93664c1e4b756b197c63097b7ce4a9
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7
e8985954379afcdfc9560ec48a12cbca16e172cf84cb1513bd62120dbf2d086d
e8e7fd76994e9fe7f19af8a2234efc259debc6e67de4ae8bf2f0e7471132bd02
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed080deff87258431cfcdc272697c3c2f00e754c4035590a97a86f723081392e
eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7f5c02f0efac90424d1d90d6a3a926124b80a2d7cc3f8561c36725b29f8615
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f22394f867711a1c7bc1754ac44271073c2782cfd2d4072fc5a9f5182c105327
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f535965e5d115ba708161783aa2856b920cd8a3d64a75d2f3f0d27330dd8a762
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f73f8c2ad1c0b7ae96c7bed8ee3000fdf24312456ffa6195c587941ddcc85939
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9
f8798515190cb314410c765a8b22859988890100550865fcea07aaa000cc3608
f9f8b31a6e9e78119ea78a9e336665294350ea7e72d5603b77a547bf660dcb30
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

www.cyberark.com Open in urlscan Pro 104.17.192.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

285 Requests

94 %HTTPS

34 %IPv6

49 Domains

77 Subdomains

68 IPs

8 Countries

4990 kBTransfer

12582 kBSize

68 Cookies

51 Outgoing links

Redirected requests

285 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberark.com Open in urlscan Pro
104.17.192.105 Public Scan

Screenshot
Live screenshot

Full Image

285
Requests

94 %
HTTPS

34 %
IPv6

49
Domains

77
Subdomains

68
IPs

8
Countries

4990 kB
Transfer

12582 kB
Size

68
Cookies

285 HTTP transactions
2 data transactions