www.huntress.com Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Submission: On November 14 via manual (November 14th 2023, 8:30:27 pm UTC) from BE — Scanned from DE

Summary HTTP 181 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 65 IPs in 4 countries across 50 domains to perform 181 HTTP transactions. The main IP is 2606:2c40::c73c:67e4, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.huntress.com. The Cisco Umbrella rank of the primary domain is 392265.
TLS certificate: Issued by E1 on October 29th 2023. Valid for: 3 months.

This is the only time www.huntress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:2c40::c7... 2606:2c40::c73c:67e4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:6cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.17.190.170 2.17.190.170	16625 (AKAMAI-AS) (AKAMAI-AS)
2	140.82.121.4 140.82.121.4	36459 (GITHUB) (GITHUB)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:4ffd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:44da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:4341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.245.86.87 18.245.86.87	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	185.199.110.154 185.199.110.154	54113 (FASTLY) (FASTLY)
1	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
4	54.164.23.4 54.164.23.4	14618 (AMAZON-AES) (AMAZON-AES)
2	34.159.227.151 34.159.227.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e4a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:589a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7e0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:dc00:9:d7d4:1380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:2b1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
6	52.57.212.193 52.57.212.193	16509 (AMAZON-02) (AMAZON-02)
11	2.19.96.139 2.19.96.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.44.31.83 52.44.31.83	14618 (AMAZON-AES) (AMAZON-AES)
1	54.173.34.214 54.173.34.214	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6812:a07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	54.185.118.145 54.185.118.145	16509 (AMAZON-02) (AMAZON-02)
1	34.211.31.243 34.211.31.243	16509 (AMAZON-02) (AMAZON-02)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	99.81.165.243 99.81.165.243	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:710... 2a02:26f0:7100::5f64:87f1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
40	13.249.9.6 13.249.9.6	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
181	65

22 2606:2c40::c73c:67e4 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.huntress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:6cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.190.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-190-170.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.82.121.4 (Frankfurt am Main, Germany)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-4-fra.github.com

gist.github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4ffd (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:44da (United States)

ASN13335 (CLOUDFLARENET, US)

huntresscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

3911692.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.110.154 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-154.github.com

github.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.164.23.4 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-23-4.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.159.227.151 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.227.159.34.bc.googleusercontent.com

webhooks.fivetran.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e4a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:589a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:dc00:9:d7d4:1380:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2b1f (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.212.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.19.96.139 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-139.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.31.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-31-83.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.34.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-34-214.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.185.118.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-118-145.us-west-2.compute.amazonaws.com

api-gw.metadata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.31.243 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-31-243.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.165.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-165-243.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::5f64:87f1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 13.249.9.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-6.cdg53.r.cloudfront.net

rc-widget-frame.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	driftt.com js.driftt.com — Cisco Umbrella Rank: 5586 rc-widget-frame.js.driftt.com — Cisco Umbrella Rank: 120148	494 KB
22	huntress.com www.huntress.com — Cisco Umbrella Rank: 392265	948 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5465 c.6sc.co — Cisco Umbrella Rank: 8564 ipv6.6sc.co — Cisco Umbrella Rank: 5738 b.6sc.co — Cisco Umbrella Rank: 3759	22 KB
7	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6353 customer.api.drift.com — Cisco Umbrella Rank: 6845 metrics.api.drift.com — Cisco Umbrella Rank: 6159 event.api.drift.com	6 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 p.clarity.ms — Cisco Umbrella Rank: 7485 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2977	11 KB
6	linkedin.com 4 redirects platform.linkedin.com — Cisco Umbrella Rank: 3525 px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	165 KB
5	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 9850 scout.salesloft.com — Cisco Umbrella Rank: 12484	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 366 c.bing.com — Cisco Umbrella Rank: 236	16 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447 analytics.twitter.com — Cisco Umbrella Rank: 747	132 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	178 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4294 forms-na1.hsforms.com — Cisco Umbrella Rank: 6733	3 KB
3	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8571	2 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 24529 ibc-flow.techtarget.com — Cisco Umbrella Rank: 22103	2 KB
3	metadata.io cdn.metadata.io — Cisco Umbrella Rank: 30623 api-gw.metadata.io	4 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5456 track.hubspot.com — Cisco Umbrella Rank: 2298	2 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	16 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	280 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 5077 q.quora.com — Cisco Umbrella Rank: 3698	15 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4607 forms.hscollectedforms.net — Cisco Umbrella Rank: 4689	26 KB
2	fivetran.com webhooks.fivetran.com — Cisco Umbrella Rank: 29634	325 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	hubspotusercontent-na1.net 3911692.fs1.hubspotusercontent-na1.net	61 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2958	2 KB
2	github.com gist.github.com — Cisco Umbrella Rank: 43868	12 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	35 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 495	577 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6398	161 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	usbrowserspeed.com a.usbrowserspeed.com — Cisco Umbrella Rank: 9169
1	t.co t.co — Cisco Umbrella Rank: 607	379 B
1	xad.com bidagent.xad.com — Cisco Umbrella Rank: 18433	342 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4272	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	455 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4568	88 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3050	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	22 KB
1	githubassets.com github.githubassets.com — Cisco Umbrella Rank: 8264	10 KB
1	googleusercontent.com lh7-us.googleusercontent.com — Cisco Umbrella Rank: 1021	63 KB
1	huntresscdn.com huntresscdn.com — Cisco Umbrella Rank: 6140	112 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	2 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5567	6 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3240	360 B
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8342	2 KB
181	50

	Domain	Requested by
40	rc-widget-frame.js.driftt.com	js.driftt.com rc-widget-frame.js.driftt.com
22	www.huntress.com	www.huntress.com
8	b.6sc.co	www.huntress.com
6	tags.srv.stackadapt.com	www.huntress.com tags.srv.stackadapt.com
4	connect.facebook.net	www.huntress.com connect.facebook.net
4	scout.salesloft.com	scout-cdn.salesloft.com
3	px.ads.linkedin.com	3 redirects
3	tracking.g2crowd.com	www.huntress.com tracking.g2crowd.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.huntress.com
3	js.hs-banner.com	www.huntress.com js.hs-banner.com
3	js.driftt.com	www.huntress.com rc-widget-frame.js.driftt.com
3	cdnjs.cloudflare.com	www.huntress.com
3	www.googletagmanager.com	www.huntress.com www.googletagmanager.com
2	event.api.drift.com	rc-widget-frame.js.driftt.com
2	customer.api.drift.com	rc-widget-frame.js.driftt.com
2	bootstrap.api.drift.com	rc-widget-frame.js.driftt.com
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	p.clarity.ms	www.clarity.ms
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	ibc-flow.techtarget.com	trk.techtarget.com
2	forms.hsforms.com	www.huntress.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	cdn.metadata.io	www.huntress.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.huntress.com
2	platform.twitter.com	www.huntress.com platform.twitter.com
2	webhooks.fivetran.com	huntresscdn.com
2	3911692.fs1.hubspotusercontent-na1.net	www.huntress.com
2	dev.visualwebsiteoptimizer.com	www.huntress.com
2	gist.github.com	www.huntress.com
2	code.jquery.com	www.huntress.com
1	metrics.api.drift.com	rc-widget-frame.js.driftt.com
1	c.bing.com	1 redirects
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	www.facebook.com	www.huntress.com
1	px4.ads.linkedin.com	www.huntress.com
1	www.linkedin.com	1 redirects
1	content.hotjar.io	script.hotjar.com
1	alb.reddit.com	www.huntress.com
1	a.usbrowserspeed.com	cdn.metadata.io
1	api-gw.metadata.io	cdn.metadata.io
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	analytics.twitter.com	www.huntress.com
1	t.co	www.huntress.com
1	forms-na1.hsforms.com	www.huntress.com
1	syndication.twitter.com	platform.twitter.com
1	script.hotjar.com	static.hotjar.com
1	bidagent.xad.com	www.huntress.com
1	q.quora.com	www.huntress.com
1	www.redditstatic.com	www.huntress.com
1	trk.techtarget.com	www.huntress.com
1	ws.zoominfo.com	www.huntress.com
1	a.quora.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.hubspot.com	www.huntress.com
1	js.hsleadflows.net	www.huntress.com
1	js.hscollectedforms.net	www.huntress.com
1	js.hsadspixel.net	www.huntress.com
1	js.hs-analytics.net	www.huntress.com
1	static.hotjar.com	www.huntress.com
1	github.githubassets.com	gist.github.com
1	lh7-us.googleusercontent.com	www.huntress.com
1	scout-cdn.salesloft.com	www.huntress.com
1	huntresscdn.com	www.huntress.com
1	cdn.jsdelivr.net	www.huntress.com
1	static.hsappstatic.net	www.huntress.com
1	s7.addthis.com	www.huntress.com
1	cdn2.hubspot.net	www.huntress.com
1	platform.linkedin.com	www.huntress.com
181	74

This site contains links to these domains. Also see Links.

Domain
huntress.io
support.huntress.io
www.sysaid.com
twitter.com
attack.mitre.org
documentation.sysaid.com
cve.mitre.org
lh7-us.googleusercontent.com
gist.github.com
github.com
profero.io
www.shodan.io
www.facebook.com
www.linkedin.com
www.youtube.com
www.bizratings.com

Subject Issuer	Validity	Valid
www.huntress.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.github.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-16` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
huntresscdn.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-09`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-09-30` - `2024-09-29`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.githubassets.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-28` - `2024-09-27`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
webhooks.fivetran.com R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
quora.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.metadata.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-18` - `2024-01-07`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.quora.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
bidagent.xad.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-01` - `2024-10-31`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.drift.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Frame ID: D8BD267B584397A6C1BA4D686CC81B7A
Requests: 126 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.huntress.com
Frame ID: 4AA687CD5A8E435560B2468A0788D761
Requests: 2 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
Frame ID: 3ED064693C6DAE20D6D2FEC505358158
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Critical Vulnerability: SysAid CVE-2023-47246

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

181
Requests

98 %
HTTPS

57 %
IPv6

50
Domains

74
Subdomains

65
IPs

4
Countries

2909 kB
Transfer

7724 kB
Size

66
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://huntress.io/
Title: Partner Login Access Your Huntress Dashboard

Search URL Search Domain Scan URL

URL: https://support.huntress.io/
Title: Support Documentation Technical Product Support, FAQs & More

Search URL Search Domain Scan URL

URL: https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
Title: SysAid published an advisory

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1722444141081076219
Title: Microsoft had notified

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0092/
Title: TA505

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/software/S0611/
Title: cl0p ransomware gang

Search URL Search Domain Scan URL

URL: https://documentation.sysaid.com/docs/23336
Title: SysAid Server 23.3.36

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47246
Title: CVE-2023-47246

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/OQJ_ghsBc_fmnDuzhsuWnuxkPHmQhZqkQ2qm0GNRnZhWKAfHtEXPJsO3xGPVxFdbVqtHmrlUaSCm6lOrnoZWTOZilCU_fnFhDYXqAoE-UvlF5p50RagctZcTNqAHmnFelX3CYurn-Q67w3TnEwqLUH8

Search URL Search Domain Scan URL

URL: https://gist.github.com/JohnHammond/96dfc3179f8a6b043383f019a9be6f99
Title: can be found here

Search URL Search Domain Scan URL

URL: https://gist.github.com/JohnHammond/96dfc3179f8a6b043383f019a9be6f99/raw/c302d64bc703dee1ed29c53fae143344945be630/sysaid_postexp_01_pwsh_event.ps1
Title: view raw

Search URL Search Domain Scan URL

URL: https://gist.github.com/JohnHammond/96dfc3179f8a6b043383f019a9be6f99#file-sysaid_postexp_01_pwsh_event-ps1
Title: sysaid_postexp_01_pwsh_event.ps1

Search URL Search Domain Scan URL

URL: https://github.com/
Title: GitHub

Search URL Search Domain Scan URL

URL: https://profero.io/posts/sysaidonpremvulnerability/
Title: Profero

Search URL Search Domain Scan URL

URL: https://gist.github.com/JohnHammond/7a50a511003eb10fd988827f5e6a9319
Title: second snippet of PowerShell

Search URL Search Domain Scan URL

URL: https://gist.github.com/JohnHammond/7a50a511003eb10fd988827f5e6a9319/raw/0a170dbd673551a92122d3f5c38eb512612a5960/sysaid_postexp_02_pwsh_event.ps1
Title: view raw

Search URL Search Domain Scan URL

URL: https://gist.github.com/JohnHammond/7a50a511003eb10fd988827f5e6a9319#file-sysaid_postexp_02_pwsh_event-ps1
Title: sysaid_postexp_02_pwsh_event.ps1

Search URL Search Domain Scan URL

URL: https://www.shodan.io/search?query=http.title%3A%22SysAid+Help+Desk+Software%22
Title: Shodan query

Search URL Search Domain Scan URL

URL: https://www.shodan.io/search?query=http.html%3A%22SysAId%22
Title: different Shodan query

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/aCMluvErYxWOC_83N2IUXdWXv5X3V0szIjJ0P5TkR-WJ7htMgjDKTC7YEwpVIcLEIpZkqG9At1RrI0uPdR9bZ6a5jNZfMHy2H8V7MWu9VUEJG9ofuTu8lHqVRpX07qUoDjuRWZrzYaMGmVYI2A32qJk

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/8O4zzxkeiq0Va6BINd5-k226MVoTrAiAP7YU939z_9dsYmJ87xXgKzWnXDS2bfi2tXtIrUOCg_z4IZ0pzesgKZhQbpgPyXx_nQfmyQfEEDlt8X9meGT-yscrE8r3Z0EAStI26Vf7WPaKZiedDzvf4Xk

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/x7IYZVBrNdCVBTPiIAQckWnJphl3MuDb7aC_9LF96MMgSSK-5u-D3QB0Ml2Y8XAB23muOjOnUuNwrzyhc5eIFRTt_GeWNZFockoPQzaLZ2na2WnBswGgbgsQQNQv28JFavm9-e-KhJ46dcz9BHoKBug

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/fxE5iaoZH1eqaeftd0nEcLVaBTZ_x_K7X1Ha6afgcdjK8PbYps1z1zE9WMAPgCNz-CjBPZ4jwUOnlSc_c7FdbuPChz_5tObeLAI6zWTBSjpBavQOqXnbXpVa1646AjwuUtVk10wCA2Vc13Xpvlohkl4

Search URL Search Domain Scan URL

URL: https://lh7-us.googleusercontent.com/YKAT14IYqmSoC6bt1NCM4dRdZg01meEWeKw0cG3RQae2SIOjhADeP6zu8EKIb7f2AO2Lje7D7x8TCRrRT88nRfeaHAuRuJMCoeeXXbvxM5_u872AgG2SUxcTT1aXg5CqQ2vH18y1AvXQt2msQ0zLP3k

Search URL Search Domain Scan URL

URL: https://www.facebook.com/huntresslabs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntress-labs

Search URL Search Domain Scan URL

URL: https://twitter.com/HuntressLabs

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntress-labs/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/huntresslabs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Huntress/featured
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.bizratings.com/Huntress-Labs-Incorporated
Title: BizRatings

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3281745%26time%3D1699993821927%26url%3Dhttps%253A%252F%252Fwww.huntress.com%252Fblog%252Fcritical-vulnerability-sysaid-cve-2023-47246%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true&liSync=true&e_ipv6=AQLZ6SRcIN9XDwAAAYvPhyWcJ2rOpSO4LGvZV-S6l-CM2qBmBV4cWnebsb3-m40mBXRVyumf

Request Chain 125

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B83F50BE857944BC9BE26DE4F6E73736&RedC=c.clarity.ms&MXFR=3B3A6582D1EA600F26A8764BD5EA6E2C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B83F50BE857944BC9BE26DE4F6E73736&MUID=3723CFCD2AA360E2040CDC042BA361A7

181 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request critical-vulnerability-sysaid-cve-2023-47246 Show response
www.huntress.com/blog/ 148 KB
28 KB 236ms
101ms Document
text/html 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf047e2aa7537c8c92dc8482eb7860b935d9d67aff36278de31dc2e44829236

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 826203014b683615-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 20:30:20 GMT
edge-cache-tag: CT-123758893962,CT-132469233493,CT-144203912473,CT-144873329013,CG-39343107504,P-3911692,L-37647219354,L-38940492861,L-97832688913,CW-37647184945,CW-37647219358,CW-37648091485,CW-37648262592,CW-72308060713,CW-97827380338,E-37640723000,E-37647164007,E-37647184944,E-67886983812,MENU-38395296852,MENU-38397117900,PGS-ALL,SW-4,B-39343107504,GC-38395296829,GC-97827380396
etag: W/"a03494d4c102025d44d8d0d29bde4c6a"
last-modified: Tue, 14 Nov 2023 16:24:35 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
permissions-policy: microphone=(), geolocation=(), camera=()
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc%2F6xU41MPRL4yB%2FCXz5bX8nytI5HV4o4Ehfys7YWcZA8xqJtM8z8wcoLm0C35HFYQH8%2FBDy0yoKC9Q7r1dJtoe07J%2B8iZsNXi8QlZOnwfOCciM%2BMagoVBUeGmT6NQrzsEOvsBeHh0p4pf6EWQw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 144873329013
x-hs-https-only: worker
x-hs-hub-id: 3911692
x-hs-prerendered: Tue, 14 Nov 2023 16:24:35 GMT

GET
H2 200 module_97827380338_POWER_Header_V2c.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847207656/ 9 KB
3 KB 72ms
68ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847207656/module_97827380338_POWER_Header_V2c.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9376df9b8822a7f057796704e3cb466577faa32f94b2460a2429944cc16c9489

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: ZA1M747C5YN2ZK7K
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9e5756eb6d9de94905780a4ca74a859a"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698847207656
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 ad2604250e9eed83c372fadb62dfeaca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: u5W5j0Xxzn.AHQfCDBaEoGmnDumG6OJB
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: ecfd92bd-a2dd-4921-a33a-c266b93f298c
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ls2RrfPhq54vn5EKTyyQVc5IHW5I/9U+IJjtD6xQ2wmHkMlFiEd6ZWmxoxE52CgZAZDjDgFOSJWaQU1g0HBewA==
x-evy-trace-route-configuration: listener_https/all
x-request-id: ecfd92bd-a2dd-4921-a33a-c266b93f298c
last-modified: Wed, 01 Nov 2023 14:00:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BSwS34QZjDVBtpa7RCo2DmYn4%2Ff0JKbBV7N0ulqkxjgSUzreYeHlLcppNy8HQt7E8YfpBVyl8Aq9ecHNkrBtaZPcTS4WELzGotU99EHXsv9l7j71WKzdmfUkRGLEJtit1RStifPhSr0esDG8eE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials: false
cf-ray: 826203033e433615-FRA
x-amz-cf-id: 9-e2yGg41Un7URi_CN3XJnyT_7S1uWD5_zdWS5Y2UygjOP9GLM8Xfw==

GET
H2 200 module_37647219358_POWER_Blog_Post_Header.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/ 74 B
1 KB 98ms
95ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37647219358/1639032908209/module_37647219358_POWER_Blog_Post_Header.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: TXTWNYN5A2MAME0J
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"69dec35879b2f3061c26e9b58f93b109"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1639032908209
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 cbb1ad5df105c42cc24cca0b876989aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 49upZA48BAIxdOk80QHxcPVW7u781vZq
x-amz-cf-pop: IAD89-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 141
alt-svc: h3=":443"; ma=86400
x-amz-id-2: j6cke6u+K9ftBD4JgD9bS9gkFeHOn1zbDGu0kJtCVSBf4d7xoO7YASABCBoCFNWavrAQirEo0zw=
x-request-id: cceabd0a-98ae-49c5-8e64-6bd0900f8e07
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 09 Dec 2021 06:55:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyCBoDnDAV3d421Ge3eADsQkUFoyNlIcQPwuJHyrrwJ3QfKRp9tDWc0fpuW0uci0ZIYAQRqqsHXp5CnWzOaMZLYfgOo1CgkCf8ckahNQf8tuJFVBK%2FZZIXq8gsk4cjsdjBQMY%2BvTZSU6hIyZBf4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-55b7d448b-7hqzq
access-control-allow-credentials: false
cf-ray: 826203033e4a3615-FRA
x-amz-cf-id: op2DSjNCpKMKjsHNsZXnO4ifXPeB-SHjmSj-pw8pj4SJOM1qNQlY5Q==

GET
H2 200 module_37648262592_POWER_Blog_Post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1684897767095/ 3 KB
2 KB 73ms
70ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1684897767095/module_37648262592_POWER_Blog_Post.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 0CF7FVFZ62YA7E0M
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"32d40d380ad9ef9fa7e8201229f3af48"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684897767095
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 ded2db8c78a1ad7377261200a0bb44fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2N_OvH8qkRvBOxJfx8AC8YDbr.hUy2zf
x-amz-cf-pop: IAD61-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: ebf6a2f9-a37c-4b44-8b2c-6e1c7d72d948
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 183
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SaULe9FlapDzs5VIcSdRXm1OKrHM/rWnIud4ezWe2kMBvqrnqw2YS8l79/zpmMZ5N5KGT/OS2/M=
x-evy-trace-route-configuration: listener_https/all
x-request-id: ebf6a2f9-a37c-4b44-8b2c-6e1c7d72d948
last-modified: Wed, 24 May 2023 03:09:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ucZyvWez85Osh%2BvLKsPeCAXBvc%2Fq0raBGpyR%2B3GGROi3r3ajiYSM0XVAfXtfRzwVTl9cfKq0GYS8zbDx5COkDE2yFer%2BrHB2Emdz5gGBOhQYcxmGL2uoUbXr44wiReDo5SESRv2YBd%2Bbbj2qPg%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-5sf4f
access-control-allow-credentials: false
cf-ray: 826203033e4c3615-FRA
x-amz-cf-id: NCn9mrU4-nAIqAsEMXoSlCNbmbYgkxH-xxyvsnm1kt3Jc-Al6jE02A==

GET
H2 200 module_72308060713_Blog_Related_post.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/ 980 B
1 KB 90ms
88ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943698/module_72308060713_Blog_Related_post.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: DGNK6W1A6SYVTZZZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"367408b281056af8212339a4673151f1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669043943698
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 2174e600dd54879ba9f49d0337eeb2dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: PvcH1mnBAoQZmMyjaqQqh_SH9bmBXz5d
x-amz-cf-pop: IAD55-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 29322b9f-1cd2-4828-993e-15d78131c570
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6rmBo/mrhge3OA48HJUt3mR5Tq9/rKUFfu5wHCcVUsE8pPFifbtpcNyjluKUwd9gQzB7G7lAwAXUO3fvd7hShmzIFQokKBrIkz7YAp4Ia2w=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 29322b9f-1cd2-4828-993e-15d78131c570
last-modified: Mon, 21 Nov 2022 15:19:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlVaBz2xQWG9y7l2tZciqI4dYm1G2Btn9HYSN5zUrttsI2RNxAQA1ZHn9An0%2BeBix7hydlllCUZC80K9GHk4Y6z60%2Fg20utlLEmYYZbgvM7bxYZhq0rrm4CpYvH3yquJ0Q0ynSnqKLYs4YTNxC4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 826203033e4e3615-FRA
x-amz-cf-id: L78yMPEjcZSot_BfR4drLoREO-1RmGR-dg60jDSkoc7k5MM6ysRuBQ==

GET
H2 200 module_37648091485_POWER_Footer_Full.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1684898810500/ 576 B
2 KB 59ms
57ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648091485/1684898810500/module_37648091485_POWER_Footer_Full.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b5765cdf7d4f072406ef5bfeecee9b32bff67188fd51806fdb3e33dd947d083

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: GYAPQ5AA20E9ME84
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"9a99157071cde4851612764968f3d978"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684898810500
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: R.csxy8CglfZBKioFoVylJ7B89DN_Gka
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 139
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6E+DYBmtrRhwgvNq1ZV+sX17kiaVjvKA/4LqcfnplNNkf0/bbbDYvB9WtnZ7YbswdSTRzvKs5Fw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: b014335d-785a-4a94-ad2e-b609247699f2
last-modified: Wed, 24 May 2023 03:26:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70l7GB%2FHIxpRiQVP0OQp2DXvdh%2FCMDOpRWtEaOVlOMy9epM%2Fopik%2FfFrgkPVRJ1yp%2F36OYj%2FaRgb2hjqMbx1hQtI%2BCIiAkpJv0xRqtCG7TJ%2FnXaHO1g2%2B%2FRoCq26anRt6yyIRIn9Dfai7zMBO7M%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9xkdz
access-control-allow-credentials: false
cf-ray: 826203033e513615-FRA
x-amz-cf-id: srKWbETndrx5s1pz4FfWOPZr7PYl83TYJBpZJDeMZkj_AT0iR2dYLg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
96 KB 202ms
82ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GCTMBVFESS

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ca98db1980e1eaf334bc10634bcf531a5add9e38554c12b25f229abaeb9ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 20:30:21 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 53ms
20ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4755720
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230025-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699993821.720219,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 1291488

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 54ms
21ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5191619
x-cache: HIT, HIT
content-length: 4165
x-served-by: cache-lga21924-LGA, cache-fra-eddf8230025-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699993821.720185,VS0,VE0
etag: W/"28feccc0-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 49, 27813

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 112ms
26ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frb/6722) /

Resource Hash

2ee773ef677420cdeb136e974fcef8ed7c10c1302fff8a9846acd53434cacb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1480
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163638
x-li-uuid: AAYKIk+U6GDfNIv408qFwQ==
last-modified: Tue, 14 Nov 2023 20:05:40 GMT
server: ECAcc (frb/6722)
x-li-pop: prod-lor1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lor1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Tue, 14 Nov 2023 21:05:40 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1699893836268/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 59ms
32ms Stylesheet
text/css 2606:4700::6810:6cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1699893836268/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:6cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
age: 99949
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699893836914
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: a222a2f7-c529-44b3-a912-08c7985ec23f
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: a222a2f7-c529-44b3-a912-08c7985ec23f
last-modified: Mon, 13 Nov 2023 16:43:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuXNyfuRLJMhEAmMAtBWMMcbXaoj%2B9k0B8yKMNE6SW335dchGoxlI3%2BTwbVSHqDIZ7UxS7Ai24jY0OQjlIlJAUbmDOjIcW2%2B1G%2BDaPrxUHAFM1SzLOIdnIvZTMjW52BkbW7NmGuMPMPULFIiWHE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-fbf687555-q8s24
cf-ray: 826203036f9b1947-FRA

GET
H2 200 pwr.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1698860507706/HL_Theme_2021/Coded_Files/ 248 KB
43 KB 59ms
57ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1698860507706/HL_Theme_2021/Coded_Files/pwr.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2333d57eeb727c27f914f74e0f1d1d2b2399dc5f2e55ebf98ee14fa3e7bb55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 3060
x-amz-request-id: X75HNN0TDY10J0MS
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"15cc4c1f4b5194c6dc32597520e1be8d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698860509230
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 71f1cca040033ebffc591cf9392d1528.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 4pclRcO0naXPThCoIUdPGSYpoHhQVF5r
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: bc954816-f088-4127-9fb4-01bb127607da
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 302
alt-svc: h3=":443"; ma=86400
x-amz-id-2: soOv6JGSODfWrc6leB7K0H6Mgg/iYHIrGE+WtgMgOemPe/88JdTdzkxvso+sJLGr1y8gL/f94zs=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bc954816-f088-4127-9fb4-01bb127607da
last-modified: Wed, 01 Nov 2023 17:41:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFlQE%2BqVgZQMQfneagW4tdZ1uIcjmt1mRKHD%2FwqUOUNZuBuuOrxSAsOeOqcOAZJagsV49EaYcsFjRFGfkZZlafbcg%2FT6z9N9NSNxiFn98gkBtK9sJZh4zpXlbicVN7nG1xguDRUunLn36rf%2FisY%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-v96mf
access-control-allow-credentials: false
cf-ray: 826203033e553615-FRA
x-amz-cf-id: jMgO-A6rAZmKqhjONQZQlugFuChCWm-G7hzKp9Bc4dCXP-n8m2HFXA==

GET
H2 200 custom-styles.min.css
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1696947144736/HL_Theme_2021/Coded_Files/ 5 KB
2 KB 61ms
60ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647184944/1696947144736/HL_Theme_2021/Coded_Files/custom-styles.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e95b63df5dfdf0e0b0357145cdcab82f66f47a5b7362d7cc9ca3742bfbd580fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: CVNNMY6BEGDHQND0
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"4a44eb50daee811c10a2b1d0c48ff21b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1696947145421
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: c15uUEuU2sFV9fghOKvvAQdaTKKVU.My
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 7cf07fad-cb0f-4538-baca-3b41aac901c5
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 265
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ETgz73bi3LZb+LTWCNDe2d5CBsPG2i6lvUnkoJ7MWafuFA9++Ezn/jivxDRRFy/+j98hIW0AebE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7cf07fad-cb0f-4538-baca-3b41aac901c5
last-modified: Tue, 10 Oct 2023 14:12:26 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFCRreQlJtcq1Faf0sv2ozHYVnfrHX0XwPDNMX0pY5qxTfDdkvVGvw3DX3EmnFZfaGllp74GuniYOMV12NEQ0kQyspHhhQ63buHi1VnPYx6Pnse2D6o9WxT1tzDtpLek3QSXWChwyNrlU%2BW%2BFeE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 826203033e573615-FRA
x-amz-cf-id: d70KKIpz7CYQATCPtqPWw0Mx2B6JFmqyR1Ce5vhchY_4_f3HrBb5ag==

GET
H2 200 Huntress-1-1.svg
www.huntress.com/hubfs/ 17 KB
13 KB 70ms
69ms Image
image/svg+xml 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Huntress-1-1.svg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-83639587659,P-3911692,FLS-ALL
age: 11167
x-amz-request-id: A09BHAQBDC03H7GZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"5eb7f12b49ec4085bccb33be62bc3fe9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1662015849971
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CV3yu1lUsNjBX07SDUAQdESVyZxYlca4
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83639587659,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sGgM7th3P4m/y1kOQe+8FdqS6kPnZaFLFZZP2PIjdjds9nDO3BsAr6iw/rqNLT4cCw+zKgaz4c4=
last-modified: Thu, 01 Sep 2022 07:04:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vbQ1sruinXtL3hd1SvOg5KdaxFhcwtbrQTQYkGcaNDg2Rp%2FuGNdKOl5Y%2FqZiAawrYoIGseIOjaT6dBHiIJNtCK6lDf6lesw6AR8GUdpCtl9UZNR6faSJDeGasq19ajUUTqFtxySaO4X9Kqj1xA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 826203033e5b3615-FRA
x-amz-cf-id: 7jcUp_OeBw4vZ1oisdbg0RyyKrVkH8ZY7JTDixa3Ud_QF9D-Yrv53g==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
360 B 217ms
34ms Script
text/javascript 2.17.190.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.190.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-190-170.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 20:30:20 GMT
server: Oracle API Gateway
opc-request-id: /E3AB93E2D6AA474476C006A787733CD0/71220CC1EC7A189F364EA7B0312F7300
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 96dfc3179f8a6b043383f019a9be6f99.js Show response
gist.github.com/JohnHammond/ 11 KB
6 KB 211ms
158ms Script
text/javascript 140.82.121.4
GITHUB

General

Check archive.org

Show headers Download Go to

Full URL

https://gist.github.com/JohnHammond/96dfc3179f8a6b043383f019a9be6f99.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

140.82.121.4 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-121-4-fra.github.com

Software

GitHub.com /

Resource Hash

06215d60d7c5989920af1f768a47a0c2670028d4db6d8f89ae008ca67834a2de

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com .actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ staffwus201resultssa0.blob.core.windows.net/ staffwus201resultssa1.blob.core.windows.net/ prodweu01resultssa0.blob.core.windows.net/ prodweu01resultssa1.blob.core.windows.net/ prodweu01resultssa2.blob.core.windows.net/ prodweu01resultssa3.blob.core.windows.net/ wss://.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ staffwus201resultssa0.blob.core.windows.net/ staffwus201resultssa1.blob.core.windows.net/ prodweu01resultssa0.blob.core.windows.net/ prodweu01resultssa1.blob.core.windows.net/ prodweu01resultssa2.blob.core.windows.net/ prodweu01resultssa3.blob.core.windows.net/ wss://*.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
content-length: 1970
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: E378:B8D0:4C1245D7:4D1C7871:6553D8DC
etag: W/"06215d60d7c5989920af1f768a47a0c2"
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes

GET
H2 200 7a50a511003eb10fd988827f5e6a9319.js Show response
gist.github.com/JohnHammond/ 26 KB
6 KB 157ms
153ms Script
text/javascript 140.82.121.4
GITHUB

General

Check archive.org

Show headers Download Go to

Full URL

https://gist.github.com/JohnHammond/7a50a511003eb10fd988827f5e6a9319.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

140.82.121.4 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-121-4-fra.github.com

Software

GitHub.com /

Resource Hash

5c276a81659091e3514c366f7a2c18921f76e093d3126a258b70903edbf62994

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com .actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ staffwus201resultssa0.blob.core.windows.net/ staffwus201resultssa1.blob.core.windows.net/ prodweu01resultssa0.blob.core.windows.net/ prodweu01resultssa1.blob.core.windows.net/ prodweu01resultssa2.blob.core.windows.net/ prodweu01resultssa3.blob.core.windows.net/ wss://.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.githubcopilot.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events objects-origin.githubusercontent.com *.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ staffwus201resultssa0.blob.core.windows.net/ staffwus201resultssa1.blob.core.windows.net/ prodweu01resultssa0.blob.core.windows.net/ prodweu01resultssa1.blob.core.windows.net/ prodweu01resultssa2.blob.core.windows.net/ prodweu01resultssa3.blob.core.windows.net/ wss://*.actions.githubusercontent.com github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
content-length: 2688
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: E378:B8D0:4C124666:4D1C7913:6553D8DC
etag: W/"5c276a81659091e3514c366f7a2c1892"
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes

GET
H2 200 magnific-popup.min.css
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 5 KB
2 KB 40ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 597999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1283
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-148b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZYpNEGSfaFXZ%2BuOMu3SA2mugWY%2BIqOyKta4MaY6dhPafPEFtU6aeyEgjhWyuXeiWShjYPT0rNKuFzMoMxCgHIMmG0IT2SAu8AlfCCEKcyRxPoRPbTcYBXGLRKevBLu52%2Bm0TSFqZrFNOTamQA3A0NjW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82620304dcc12bf5-FRA
expires: Sun, 03 Nov 2024 20:30:20 GMT

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 81ms
61ms Script
application/javascript 2606:4700::6812:4ffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:4ffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1274100
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I68vsLweQvOqKuHxwUiM%2FlXPspYqlmtEnGAFM0u5w%2BJ%2BWpl5BEOoXzp0WcYlLpfOhtBmgnIte6cw%2BmAJEIzHwfjfx5qWt%2FzRBRjaTQEYRyzzfzR3QTA4ZWk04fzFiHox4b0bFlDshLXOqFjaGzFYBx%2Bprfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82620304dd4971c4-FRA
x-amz-cf-id: rhXOpYCNrMtoy20ZREGupaV1U7uo-Bc8S9EIj4CITWJ1slMr_M8V4A==
expires: Wed, 13 Nov 2024 20:30:20 GMT

GET
H3 200 pwr.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1687185407986/HL_Theme_2021/Coded_Files/ 153 KB
39 KB 117ms
114ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37647164007/1687185407986/HL_Theme_2021/Coded_Files/pwr.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a421dbd597a94360622aa975ff3c27809a08e5ddaada7832a692c3b51c5eeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: KZ7PS8HB7C5KP80F
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"8e806318ee2a202f50bd8cb20fd2a402"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1687185408717
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 c49971ad4f76a00082eb4f604c635cba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: rRKXCqkyBDcRwPX3bFJeQzRBVXD92P5D
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 89d2077c-686c-4aba-97f1-89d12f9c247a
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SJKIDtzCYwBZc3nx3qBM4jLZ7gDI5g0N+hdmw7Ab/cEnM5gE7fDWgQPIEEZ1ZRN7l4mTfURJ80M=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 89d2077c-686c-4aba-97f1-89d12f9c247a
last-modified: Mon, 19 Jun 2023 14:36:49 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJdqrKH5sphiE2nj6LkjCkYvfZWzhrfXQf%2FDJvpakyJsMa3SWWaa87gNPOTa4kK4GFvhETKGI7MrYlB5Zki5NxL92tRxZfTdXPt1Y30B%2FPKpdhqpxSzwgSyxXnd89O1KrNDZRmqtc6IvOqnBW%2FI%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 82620304bea21d96-FRA
x-amz-cf-id: kTDWsfqeV0oIGK2kCi5REwjd6d39Bfo4qzS2FpKLEN6b576e6bgqUw==

GET
H3 200 project.js Show response
www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 76ms
72ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 1186280
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppw5rkBb4aEQ3zbeI0N%2F%2B51lkO4fXw7UvHpNEdTSR%2BfciMFKDMZ9Ir9Zqffyk3ZPN9Z3h4hGS2%2BIAn28z7tcbUQz0OY7E7ZOl0%2Feiz57V7wXlaop5iRiR4d%2FbYGnL30wy4KWFqueEspSJBH8p%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82620304bea61d96-FRA
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Wed, 13 Nov 2024 20:30:20 GMT

GET
H3 200 module_97827380338_POWER_Header_V2c.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847206817/ 490 B
2 KB 119ms
116ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/97827380338/1698847206817/module_97827380338_POWER_Header_V2c.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db6b123f97b64be2a35c607c2d290818cea4f045f157b7499d1e57797b52f66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: ZA1PGC5NQ7APF1HQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"15ca550d80a1ae79be0e037f4d84d584"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698847206817
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 bc330e83c319e99d19922ed79166586a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: CdmPgARCcdLCtU4Wo051UNpT0BgA9R6Q
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 50f7265b-25ce-4687-bce4-9af3c2f38116
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 355
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KQ1SmnG1vfJG4C1BaN7itiixT8xPnuWNhljTTN9qGc+CwEmau+7QX2cJ41Q+mhseMmkWKlUq6FE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 50f7265b-25ce-4687-bce4-9af3c2f38116
last-modified: Wed, 01 Nov 2023 14:00:07 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee8TZkLgmVkShghDdsB6%2B0fPSNwJqQFl5HQ3g1WpvdQVEmqN8Z%2BVGJVwj2frnN2XcFhKmTmTeNOHzLCRMvJrdlmK3QsHVWVnwyvvbT3npanoeN9MJIueIwTHcW2LlRXFJpDYrR8PH0BXdMxBhjk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-5sf4f
access-control-allow-credentials: false
cf-ray: 82620304bea71d96-FRA
x-amz-cf-id: V24PeiMROM9q8SAUlsqfzj-Wym_h1JjPRGp9yuUFFi1TELd8okzWUg==

GET
H3 200 module_37648262592_POWER_Blog_Post.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1684897766490/ 933 B
2 KB 141ms
138ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/37648262592/1684897766490/module_37648262592_POWER_Blog_Post.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79bb1b80606f5282fa20cea179f7c7f619eb1848b1d550a9e13857477cd1c38e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: F43T57KCXSAC1BH6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"005ba15488b184ae927f2bb08fa5a345"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1684897766490
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 21H43FXQjaJWBvLJlB0WIq6ue3j9mZAD
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 126
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YdhiJqpvMVbKeejZdx0SsxKxG35kiNfGaSze5Q7x9hxXP8LGP5upBo+m+UAdATsCwUaXr/ZlGWw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 9303b042-6302-44f8-b27d-223b83b8fbab
last-modified: Wed, 24 May 2023 03:09:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEAw764H3%2FsvCNUBXdE2YnAtjoY%2FsXAaRak6f%2Bfx5377AitD1HmR5xu%2F9xSLmjtOn3IuafiVDKTBRlxcuUo2mi4fzFSkLmRp1AXrNm%2B6Zi9ACd%2F3dJYbwpTtxJhQF3QJyZYJuUUFT6HkMhxc0oU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-qbhrx
access-control-allow-credentials: false
cf-ray: 82620304beaa1d96-FRA
x-amz-cf-id: _LJLCdiiFXxwMel2650dgTfc4ppV8R_QPphuQ08iNdw59tX99hhPpw==

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 40ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1257437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6546
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jogw%2FAlE9FrVhm5S2E1J4%2FpnQrdrKr5tmHcE8Svvofsby%2Fqy6hM88%2FtLN1DJfPtYzuyd2ZPNdV9B8%2FjDXzUa6LudR%2BsThpGc5aT5CNwTff1TnlxcjGuZEY%2FC1tlYfRcaxgrj05SNZnzMxwsenzEA1FyR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82620304dcc52bf5-FRA
expires: Sun, 03 Nov 2024 20:30:20 GMT

GET
H3 200 sticky.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/ 3 KB
3 KB 117ms
114ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/67886983812/1646636852236/HL_Theme_2021/Coded_Files/sticky.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD89-P1
x-amz-request-id: M7J40TAPVGN5PWP9
x-amz-server-side-encryption: AES256
x-amz-version-id: oIU6rHYsVQSZOhrGoqvW7sFAXkwuMMSC
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
content-encoding: br
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 18
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 94KROPuApihfNTilVCETkwiN60LLFdWxpsJiOn+mJ4e2htI7B1WG8HhaRH+173bCaSZwJIhyiEE=
last-modified: Mon, 07 Mar 2022 07:07:33 GMT
server: cloudflare
etag: W/"55ae62a2138b0ac2dad2cd6f3fc3decb"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1646636852583
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdpD95LHYxO8y5Yy9%2BPqYk4%2FXTfHP%2Fezwn%2BBWyo6xSKAqhc%2BZVYaWVreXa%2BdhVqNtFnfHixfwhi4CklPJnFwybNelruln0udGJfw%2Fw%2FTQpS63U1wByE7Fw3WUMmkIytJGdcfQ9zlU3LFFbK9Gyw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
cf-ray: 82620304beab1d96-FRA
x-amz-cf-id: Tgd2BTJKHg9TE5R_xf7-a5r50VTZf2-O2-iSVeuuROYjAdO8GgK0cg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 18

GET
H3 200 module_72308060713_Blog_Related_post.min.js Show response
www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/ 365 B
2 KB 104ms
101ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs-fs/hub/3911692/hub_generated/module_assets/72308060713/1669043943002/module_72308060713_Blog_Related_post.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: N0BS7V8NB69K88VF
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener: listener_https
etag: W/"136cb371b82e4f0a84d11b654e92bb11"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1669043943002
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 bf7159e30a38421f642619d6da9a8eb4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: SBG.fyduSO9gOy.FmtNERc3Ncw_1ixXc
x-amz-cf-pop: IAD12-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 152
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LiDmrfTAyk/P3/BEPWbw101tyzQz0SYeNrkUkxQeJu7BRW3SwEPXtCJNMHisuozY96XQDn5fCXI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6eb60300-4888-4c64-aab9-d4dfdbeb78bf
last-modified: Mon, 21 Nov 2022 15:19:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76c2ERhHY%2FF1pM8z5D3thVR%2BYuBRPfqWdhh0y%2FbaTIcW1dqEvDRiYLD13p2peAsamyK0ZtxMqYFL%2B6c%2BHgt%2FX7nfL1Lyd6cNG2fMw5D6Q9KAAyBuMc%2FnpHtXVMvkv3LkPAj53gAIE8v4IEk1m%2FE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-65b9b6b744-vrvh9
access-control-allow-credentials: false
cf-ray: 82620304bead1d96-FRA
x-amz-cf-id: VcuytyQ5brW8Ix9SzQHuGapZ0SiBv3ShReQH2HiF3j18DejtfY0RCA==

GET
H3 200 v2.js Show response
www.huntress.com/_hcms/forms/ 559 KB
185 KB 105ms
102ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/forms/v2.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3e0483991ab0655a286b9cd8f0669182bfde3aa16570f7191e34e33103f522

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 366
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4130/bundles/project-v2.js&cfRay=8261fa0f645771bf-FRA
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-evy-trace-listener: listener_https
etag: W/"c44c95c40fb373a441fd2f03d32cf9ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4130/bundles/project-v2.js
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: g3Au.aMyuFT2rnWc2oBbvqYU5bT82sv1
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: b796e6cc-a23d-4a8a-8ba1-f855b1461f76
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b796e6cc-a23d-4a8a-8ba1-f855b1461f76
last-modified: Mon, 13 Nov 2023 11:47:18 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69N9RSrgUucFT6TCH1PaL%2FkyIc0Q5ioMAno7DzsCjkWg2w7Snh%2BZxd9cGVhXCf4Rtg8YflScokq8dGGKrH0uUVXMLQyHiFv7VjDZXJt2LRoYUB6emGw1HyfaXWX72jYYN7bdJ6Sx6N1eYwfrZks%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-jmkhw
cf-ray: 82620304beaf1d96-FRA
x-amz-cf-id: XLVz2_mC6M6lKWNTPdf0B9cHhOYf8t18Bj0hdm6LtwqTbkTp7-92-Q==

GET
H3 200 3911692.js Show response
www.huntress.com/hs/scriptloader/ 2 KB
1 KB 180ms
178ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd0bc347d537ea52903855bf14ec686411b09ea67e4208244a0f58525b09a85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e611f070-494e-4304-b102-f151e04ce9c1
content-encoding: br
x-envoy-upstream-service-time: 7
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e611f070-494e-4304-b102-f151e04ce9c1
last-modified: Tue, 14 Nov 2023 18:38:58 GMT
server: cloudflare
x-trace: 2B0AD3F2F69DEDEFE01C475D5CA5EA6775B1FDF2D2000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5dc9ffbc55-vwwwg
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gkeqEMx2MLEcK1QVHEOuTDIYV2kXWivrPwiHwxNz9DgpQBzw7caZy7827G%2FH40aYYqc0XW%2B2V5E4u24Qs2eHlaual9uJdX3x85z%2FzQbEPNXGw%2BP8j3t1E8b8dvxlZRGnY65L7r922x4gyKCm78%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 82620304beb11d96-FRA
expires: Tue, 14 Nov 2023 20:31:21 GMT

GET
H3 200 index.js Show response
www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 75ms
73ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 310988
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6N9AHg6iLFp1iahe7okfUcKfsK6MBKKWwLSHrbDPEC%2BVT3fNv87FWNP53TuRpnAQ%2BdOzIZWrPxRKN6f6kH0r3GSs8WICXb%2F%2BKmT%2FEpoS3xSUn1Aow%2FbiRb0%2F1vFvWPL%2FkrLIlermyESRCN8s2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82620304beb21d96-FRA
x-amz-cf-id: bv1G24lAVj0e2ZB0u8KPQCKL79Cwzgd453_BoGRtvWeIY5I7WPQeoA==
expires: Wed, 13 Nov 2024 20:30:20 GMT

GET
H2 200 polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/ 69 KB
16 KB 41ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-polyfills/0.1.42/polyfill.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1257378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15998
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-11405"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmT%2FwC4GreQS5wSOkD0lCvGZv4LhI%2B9iCzguCf67L3d6tRFn3QH5fvRX2gRqzYioH%2F3mCN6gnNWkQIg%2FIoYChdTbMWsBwVXr7KFYhe5Os9zR1AsQd6sIbprFSa%2FiCASu1IL1%2FO%2FzT7P73cPsfHbm2qqW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82620304dcc42bf5-FRA
expires: Sun, 03 Nov 2024 20:30:20 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad/dist/ 3 KB
2 KB 59ms
15ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad/dist/lozad.min.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12759
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230051-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"c17-/CtD5WDEW7iHrdmPF7CEBoqSMss"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un6tGfcCa799lP%2F58End3VRnSUAOUAsHXzR%2FUgZ8dl6dwt7ItDP2z0kzOETXAcz9bYWy3Y7uVEFzPuIUTITNwVkMF8HSDG9PvIG%2FXhYYDTFeWJ93hht7FSBnpJpD8lIRR3jep2Tz3Q%2FzMVtxWfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82620304fa2f1c1c-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 333 KB
104 KB 278ms
160ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d4706944ce49f0dcf4b8f2cf1274d08d0b3ca8f80e8614848cf5e532fa9737f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106565
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Nov 2023 20:30:21 GMT

GET
H2 200 19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb.js Show response
huntresscdn.com/ 111 KB
112 KB 230ms
204ms Script
text/plain 2606:4700:20::ac43:44da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://huntresscdn.com/19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIeZvkTTQQsxt8RwqjFFT2LhRauNvfhP6CBfc2L4yAUeAr2BmlAsNpJ6QVxOOEfoB6eq4WA2ykJxT5zuFBrAqYHw5XWayh1AfuMaMPAhkfn1If1aH2Q5NNblJGKMLHPen%2F%2B59AJHdE4El%2B2ehA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: maxage=14400
cf-ray: 82620304dd02695d-FRA
content-length: 113865

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 63ms
20ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=620982&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&f=1&r=0.15401867544127157
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: a459bd903a6bdc9e0bcebb6fa8bfc9e348d59dd41d1c98c286099cec55d2ee72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:20 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 228ms
26ms Script
application/javascript 2606:4700::6811:4341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: KEADHYP9ZCZ9R3D0
age: 5485
alt-svc: h3=":443"; ma=86400
x-amz-id-2: EwylhirLpA9DI6Kq3fCLjqc/1bkW5GR8odkMlK6IpHICWvVX9IDmrw3eUwpsnLyktTXgnHxXyEU=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 826203063fe9193f-FRA
expires: Wed, 15 Nov 2023 00:30:21 GMT

GET
H2 200 5d3cypit2iz8.js Show response
js.driftt.com/include/1699994100000/ 212 KB
60 KB 243ms
165ms Script
application/javascript 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1699994100000/5d3cypit2iz8.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
via: 1.1 14a3ead1863bec56bc8bd13f14b2a62e.cloudfront.net (CloudFront), 1.1 57bc54093a2e2c99ca194f2955ba3d1c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-amz-cf-pop: IAD66-C1, FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 59
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0V77NBUvywZa4j3jaoZrb18B1ovLNZP-z4QsQ9O2yB5rhQwDo-oGXg==

GET
H2 200 HKNova-Regular.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/ 32 KB
33 KB 162ms
111ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/HK_Nova/HKNova-Regular.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1698860507706/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
age: 1173503
x-amz-request-id: QDPBR6DPSRSWGZMZ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "5a3239585a66868a9109bab6273f0a26"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607406808501
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: y1_7cBbebzu1P55qghtsCfIzqKHObY4N
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38491779608,FD-38491499040,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 32892
x-amz-id-2: b1G3DMlvkYaG2Fgjgm31+MBa2rcIAyAM6FWdaWMHnNGWLHrjFNtkhz2lNMN45bmUIkCIzmp9FX8=
last-modified: Tue, 08 Dec 2020 05:53:29 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 826203051f5e65d9-FRA
x-amz-cf-id: bQCR3k47O6fUA4lFkxso1kYpzGphZmQPxnxt0LaRUiRJGcfbop3Lmg==

GET
H3 200 Rapid%20Response%20-%20Blog%20Header%20%282%29.png
www.huntress.com/hubfs/ 570 KB
572 KB 132ms
132ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hubfs/Rapid%20Response%20-%20Blog%20Header%20%282%29.png

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1b2d28b60fff2c5cf98de1c9082642d1be2f05a3987930289d399da461e84a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-144877741618,P-3911692,FLS-ALL
x-amz-request-id: VEXY3PRH1VVV1X03
x-amz-server-side-encryption: AES256
edge-cache-tag: F-144877741618,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Rapid%20Response%20-%20Blog%20Header%20%282%29.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "a437cb282263b67cbbe96c5642437de3"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699579665696
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: O9VLfNjTrckY_PUY1e0GhbXZr9hrPrFS
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=836309
x-cache: RefreshHit from cloudfront
cache-tag: F-144877741618,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 583844
x-amz-id-2: vubFlPQoLDlyrT7s3ue5VA4qkqz74F7sDyIAHKRBY9PypgWzlRTbBVoB/5qbgJxjsHcMHhWGNYuHxoEdF6INBREhwGpT7NGK
last-modified: Fri, 10 Nov 2023 01:27:46 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRB55wDRqnv%2FM7X%2Bo5V4PEmSDRsIU%2B%2Fp5Jcr8nvlxIope%2FwqfaTJEKLPTrlH7pMO%2FmTwiWDaL5Nq4yN26XpFkDEbMSqZDnWpQWHDkQY5YgZ3%2BOIISqtQAhRyj7WzhHAxF%2Bm5sF%2FTaAMEdLRqyx8%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82620304deda1d96-FRA
x-amz-cf-id: 8C2KtBiMNV4BbrV6_PPbZp-VvXJYEmwd0_thyl_5VthTsNIv69vvxA==

GET
H2 200 visuelt-black.woff2
3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/ 28 KB
29 KB 124ms
88ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3911692.fs1.hubspotusercontent-na1.net/hubfs/3911692/HT_2021/fonts/Visuelt/visuelt-black.woff2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs-fs/hub/3911692/hub_generated/template_assets/37640723000/1698860507706/HL_Theme_2021/Coded_Files/pwr.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
age: 645106
x-amz-request-id: ADAXATJ8HPY4ARR9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "80407703322249fe13bbef5596e9e414"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1607408610505
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: zgv.hEhHVdSF2XuwUP4L0JY36hLML11L
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-38492600914,FD-38492172814,P-3911692,FLS-ALL
x-amz-meta-index-tag: all
content-length: 28504
x-amz-id-2: ufGdE+CsoSc8cmrHqUNzysxLfLbkinyDqtJILzJML46zKkiWH/5rTbqpT/TB88MRM5NKYxPkqzU=
last-modified: Tue, 08 Dec 2020 06:23:31 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 826203051f5c65d9-FRA
x-amz-cf-id: dkRRm-XBRiOmcS85TtDRcAuB5M2HI5QPSo879vC5sQR_Ea5xv5Knrg==

GET
H2 200 OQJ_ghsBc_fmnDuzhsuWnuxkPHmQhZqkQ2qm0GNRnZhWKAfHtEXPJsO3xGPVxFdbVqtHmrlUaSCm6lOrnoZWTOZilCU_fnFhDYXqAoE-UvlF5p50RagctZcTNqAHmnFelX3CYurn-Q67w3TnEwqLUH8
lh7-us.googleusercontent.com/ 63 KB
63 KB 185ms
56ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/OQJ_ghsBc_fmnDuzhsuWnuxkPHmQhZqkQ2qm0GNRnZhWKAfHtEXPJsO3xGPVxFdbVqtHmrlUaSCm6lOrnoZWTOZilCU_fnFhDYXqAoE-UvlF5p50RagctZcTNqAHmnFelX3CYurn-Q67w3TnEwqLUH8

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

59b65916f39dc21dcd5a126cd162a70137330b959608402fb1ef6617074de7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:16:20 GMT
x-content-type-options: nosniff
age: 4441
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64454
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Nov 2023 19:16:20 GMT

GET
H2 200 gist-embed-232d920b3dfe.css
github.githubassets.com/assets/ 52 KB
10 KB 72ms
22ms Stylesheet
text/css 185.199.110.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://github.githubassets.com/assets/gist-embed-232d920b3dfe.css

Requested by

Host: gist.github.com
URL: https://gist.github.com/JohnHammond/96dfc3179f8a6b043383f019a9be6f99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-154.github.com

Software

AmazonS3 /

Resource Hash

3c33fb84cf824df6ac4de845b71ddd634fd80926ae2d186e5f8635523b28a5a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-fastly-request-id: e939d8a266ae4217689404fd59e0f43a76ff8426
date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000
age: 1855452
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 10011
x-served-by: cache-iad-kjyo7100158-IAD, cache-fra-eddf8230118-FRA
last-modified: Thu, 19 Oct 2023 19:54:15 GMT
server: AmazonS3
etag: "63bbda39f2c93fa4e288aba8787bd9bf"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/css
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 38

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
151 B 196ms
196ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=620982&d=huntress.com&u=DDA5CFDC820B94FC015FD10630D923EB3&h=800fc0720c1cf9fbf5714d9b2dfd9d55&t=false

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 Pharma%20-%20Blog%20Thumbnail.jpg
www.huntress.com/hs-fs/hubfs/ 21 KB
22 KB 40ms
40ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Pharma%20-%20Blog%20Thumbnail.jpg?width=600&name=Pharma%20-%20Blog%20Thumbnail.jpg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

302c2b5e54b9109c31e6f885dcfa028a37b17f5e1e714a093253157eb0e0f9d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 f81208a29b5f00cfa13282b25b82d06c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-144423910026,P-3911692,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 21724
cf-resized: internal=ok/h q=0 n=31+0 c=2+13 v=2023.9.8 l=21724
last-modified: Wed, 08 Nov 2023 02:51:45 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfhcfqTv5xFFF2JkzHqUrCh_V-e_YPQ8NgyooicLtuDQ:9b8c1ab5241e9f37cdfae7c217e851fb"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcfwHa40J%2BQCivKAeDc2j0OoFyUIetdF4v323nfo7uWiYT5UXeMgqReCq1Q7RoItUCVSgjfCJRACoEv1DCTyLgJ3%2Fgbu4iU%2FQuO39tzx9KVYKVc%2BQXcHjaPrPcy7%2FsBa0ZT6NBaUgaPcJdoHP6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8262030689641d96-FRA

GET
H3 200 Confluence%20to%20Cerber%20-%20Blog%20Thumbnail.jpg
www.huntress.com/hs-fs/hubfs/ 13 KB
14 KB 41ms
41ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntress.com/hs-fs/hubfs/Confluence%20to%20Cerber%20-%20Blog%20Thumbnail.jpg?width=600&name=Confluence%20to%20Cerber%20-%20Blog%20Thumbnail.jpg

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f993caa001338e6d090d683e4aca79a0e6c0d770fa3840aafaf09f426397d8fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 cc91f4cc360b8afb58871d3847b754c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-144195042667,P-3911692,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 13706
cf-resized: internal=ok/h q=0 n=27+0 c=1+12 v=2023.9.8 l=13706
last-modified: Tue, 07 Nov 2023 00:23:16 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cffAdK7yH980qaXgsKrwCy0ELfe_YPQ8NgyooicLtuDQ:40e72b13ffdb918b90c845b21aa73c57"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aauR7i%2FRfrPBFVeAlX4FZlKcLrZ08mWkGyWCfk8FCJDsqgQqfkVBFkjB7xJckFc8Buvf2Up3VcmEwxTQaojE8dbBMF53q440ydDrwirYaM21WThau6HxOxZOUNYKGXXcsURs%2FQVFmKbvGsFGVJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 8262030689651d96-FRA

GET
H3 200 json Show response
www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/ 9 KB
4 KB 197ms
196ms XHR
application/json 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntress.com/_hcms/forms/embed/v3/form/3911692/196be66c-f1bb-4156-af05-2952954526cd/json?hs_static_app=forms-embed&hs_static_app_version=1.4130&X-HubSpot-Static-App-Info=forms-embed-1.4130

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a914acec1a263a5f50f8c5949d023db05d9c166f7bc808b8bef4be615eea405

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4af16db1-9bca-459a-b3a6-4b555dbc1cfc
content-encoding: br
x-envoy-upstream-service-time: 14
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4af16db1-9bca-459a-b3a6-4b555dbc1cfc
server: cloudflare
x-trace: 2BC1551DF9BA57D021C454838F391717379EF17762000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-g6nd8
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivHzA0Bcg3zp9NBHJBese60yXl%2FaUkRPnJj8pau6r9bEP8s3gdDKWuBSseWRaSkaVwGGxIGU2e9c9aXldUCBljMWo%2Fh0TtBVu28tJRjlInHr8RP57qljEqKUSmFj3VQyvLoRGO7%2BIvwFhGXy5AM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 82620306e9ee1d96-FRA
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 hotjar-2159185.js Show response
static.hotjar.com/c/ 9 KB
4 KB 61ms
24ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2159185.js?sv=6

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

2c1ff2614ad6ef0cdfc4cd30fd8df4de7a45d08d2df574eeedf9babaaead1dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 22
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/99b014c408a2a7b4558d44dfa8c3189b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Thn4YkxtAwOYOpObXecsjyhnlEGIKg2F_UPwSQ87eX5bwXDqOqldnA==

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
358 B 766ms
106ms XHR
application/json 54.164.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.164.23.4 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-23-4.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 0426b3f82389acd8eccdf604be191184

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
357 B 766ms
107ms XHR
application/json 54.164.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDc1MzJ9.cEH1s6yztON1Ehgx-719N-kMH0OD6S-0URMdFL8pAP0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.164.23.4 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-23-4.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 149f4997cc1907c095162cd65f0013f0

OPTIONS
H2 200 tp2
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ Frame 0
0 203ms
39ms Preflight
application/json 34.159.227.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.159.227.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

151.227.159.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.huntress.com
content-length: 0
content-type: application/json
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

POST
H2 200 tp2 Show response
webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/ 53 B
325 B 249ms
175ms XHR
application/json 34.159.227.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://webhooks.fivetran.com/snowplow/326b5e9f-b03b-4ea3-894f-c545305b3241/com.snowplowanalytics.snowplow/tp2

Requested by

Host: huntresscdn.com
URL: https://huntresscdn.com/19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.159.227.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

151.227.159.34.bc.googleusercontent.com

Software

Resource Hash

4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.huntress.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 53

GET
H2 200 3911692.js Show response
js.hs-analytics.net/analytics/1699993800000/ 68 KB
22 KB 181ms
153ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1699993800000/3911692.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 552e73996adba6a0248783405d3f9abd1240fa31f8545721e88211cd19095525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2Y0VCB6W5VTN1X2J
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0683db9a-d156-41d5-b86c-16a979efc2f9
x-envoy-upstream-service-time: 27
x-amz-id-2: gBckV7STWEWoiXcoiEfU6eR1PDwC/+//H5SozjjrE1NhoSon4xdLpvlTRSbWe8yVx/mDEvKhQAk=
x-evy-trace-listener: listener_https
x-request-id: 0683db9a-d156-41d5-b86c-16a979efc2f9
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 23 Oct 2023 20:06:36 GMT
server: cloudflare
etag: W/"0e0a69675db8f8b8c9cef37993ab4533"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-28qjm
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 826203073c5f9c00-FRA
expires: Tue, 14 Nov 2023 20:35:21 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 56ms
27ms Script
application/javascript 2606:4700::6811:e4a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e4a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 159
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=8261ff245d894db8-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 98ac494d-2945-42fb-84de-a18ced5088e7
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 98ac494d-2945-42fb-84de-a18ced5088e7
last-modified: Fri, 27 Oct 2023 13:56:49 UTC
server: cloudflare
etag: W/"14edbc97b72939e54b0993394190ecf8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-hlwpz
cf-ray: 8262030738045d82-FRA
x-amz-cf-id: L7r3UyyfePSdO4G-0qn3grdSvdvdtsQTVeDfHdS_rtKqU0BNobRlmQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.494/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 173ms
131ms Script
application/javascript 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 94b2ae52-c18e-4c0c-b6b1-e4b3d15bb198
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=826203074d1e2c53-FRA
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 94b2ae52-c18e-4c0c-b6b1-e4b3d15bb198
last-modified: Mon, 23 Oct 2023 13:11:34 UTC
server: cloudflare
etag: W/"7864f8fd485be672e98358eb894b6fd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-lkw24
cf-ray: 826203074d1e2c53-FRA
x-amz-cf-id: qqhhfusa_IV9Cip3lwy17eqop3EY8PLXrkClkFdZxtTFKy2usPPYHw==
x-hs-target-asset: collected-forms-embed-js/static-1.433/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 52ms
24ms Script
application/javascript 2606:4700::6812:7e0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7e0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
age: 20609
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js&cfRay=82600bdefbb5364b-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df7c200fc1e8a1a0c9d50df4fbec7e86"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js
date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: RTyeMetKvg_dT1r75rKZucXAeC83sdPJ
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e6ea6642-6718-468c-add4-9611b86e5f49
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-request-id: e6ea6642-6718-468c-add4-9611b86e5f49
last-modified: Wed, 25 Oct 2023 14:35:17 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-hlwpz
cf-ray: 826203073a3f18fd-FRA
x-amz-cf-id: jsiaLf7lq991E2-FsTz2Yu7mFhmCYB-BMTZISuVJx2gCPgjhyPbHlw==

GET
H2 200 3911692.js Show response
js.hs-banner.com/ 60 KB
16 KB 168ms
128ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3911692.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/hs/scriptloader/3911692.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf32a0cb38105c879a1aabd4aab6dca757e62acca5f439652d49f19b557950e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: Aab8AFa8q5.6e.QC2az8HL0CRTic4LHA
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: C9H1X5E5D73TK446
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 774eead6-a37a-4507-ad4b-adf4b37342dc
x-envoy-upstream-service-time: 45
x-amz-id-2: TzgNDNUFdQW2ek0wzuAaAGbALlm5lks5ZpWeVGaIMclqvU3hb2MHl4TUCpL2z00krWx4F7tN3nI=
x-evy-trace-listener: listener_https
x-request-id: 774eead6-a37a-4507-ad4b-adf4b37342dc
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 23 Oct 2023 20:06:37 GMT
server: cloudflare
etag: W/"9a2546daf296c3f0f5533d6a24b5aaed"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-7nqmg
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 82620307486f9a05-FRA
expires: Tue, 14 Nov 2023 20:35:21 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d26c2a43f6563ef5cd6437af5fdaa0ac158ff8e191b050db6fd6de3d1dc2e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 20:30:21 GMT
content-md5: cG5gr+lGv4xfU//3FMErkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: bsRGVlDPIjqXtjha3j1xYEI+nf4bWbHteWJ4aQ4EISu4/VpDBtmN0lpbBte9st+5YQwp5rgZJjBJG8nfSZoitA==
x-fb-content-md5: bc9565545d12b520e816e8fae6ae9a5b
cross-origin-opener-policy: same-origin-allow-popups
etag: "8076bb4a46add8bee6f4f9cfbaf73ba6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 14 Nov 2023 20:38:02 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 70ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 20:30:21 GMT
Content-Encoding: gzip
Age: 1357
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/6772)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
977 B 218ms
188ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3911692&callback=jsonpHandler

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 45ec2516-5958-4699-9e0a-6c3349730037
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=826203074f65196a&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 45ec2516-5958-4699-9e0a-6c3349730037
server: cloudflare
x-trace: 2BF2CBB9D1DF4E81773886FB9CF4D6EA0A3F4746B5000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-hgc92
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 826203074f65196a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 81ms
79ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-429191348&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GCTMBVFESS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76fd789d1fbd44d6fa868e243392c98cf8c0f0221351dedf713ef495741708e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81767
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Nov 2023 20:30:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 110ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GCTMBVFESS&gtm=45je3b81v9122196611&_p=1699993820771&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&gdid=dZTQ1Zm&cid=2060860482.1699993821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699993821&sct=1&seg=0&dl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&dt=Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1159
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GCTMBVFESS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.huntress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 219ms
92ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1l1l5&rnd=2035575110.1699993821&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&dma_cps=sypham&dma=1&gtm=45He3b81n81WVGPJJ5v9127322656

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 38ms
12ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230069-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 19:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2440
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 14 Nov 2023 21:49:41 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 31ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0f95243b84215f5c6187452bccc0df8e5442db6d0150855df3c9c355796da6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Nov 2023 10:26:27 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=50217
accept-ranges: bytes
content-length: 3840

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 78ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 14 Nov 2023 20:30:21 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D97698614EDF42A78DCBD7AC017904D7 Ref B: FRAEDGE1811 Ref C: 2023-11-14T20:30:21Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 79ms
32ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: SQW7NAVMXQTQ03G5
age: 152651
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJxqPI9akTsEL27egwxozy7RV38C3QGpKE99PaCDc+mp6rx7AxaaOpkck1XY3C1gw3J/aONga1w=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 82620308796865d8-FRA
expires: Wed, 15 Nov 2023 00:30:21 GMT

GET
H2 200 site-script.js Show response
cdn.metadata.io/ 7 KB
3 KB 77ms
14ms Script
application/javascript 2600:9000:223c:dc00:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-script.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:dc00:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ca12748cbcc37ab8e6a34372ac9b9d4ac0a72c486b63db612dc3a3fc608e8d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 2I4W04U5PiWondXB6y5kUp0gRs.tRX6t
content-encoding: gzip
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
date: Tue, 14 Nov 2023 06:51:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 49215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Oct 2023 21:20:45 GMT
server: AmazonS3
etag: W/"4952b0f6259575d3fee3d8e3b63b3b45"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: Gi1LTMjwDxwMF3_a61sG53P9KLV9MVw5aqBkZ31iq0wt3CLITscH_w==

GET
H2 200 62f67a71a4cf97008ef6d460 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 259ms
236ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/62f67a71a4cf97008ef6d460

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d95e6ed219886193a6aa28fc592d342e9a1bae9688be2cd41fc7eafcb1fd3737

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82620308590f6ab9-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 86ms
43ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 56096
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 826203087f62699f-FRA
expires: Tue, 14 Nov 2023 20:50:21 GMT

GET
H2 200 1006267.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 958 B
2 KB 158ms
128ms Script
text/javascript 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/1006267.js?p=https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246&e=

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c59924cdca7796d9578872e6933998297b41cb0a2951ccaf7de4bd7cf921ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 3f9f0f18-861a-4949-ba2f-b93b50bda0da
x-runtime: 0.003909
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"14c59924cdca7796d9578872e6933998"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 826203088b5a9bf2-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Nov 2023 20:30:21 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: VoKNMQgtJTcJoa0y0EfkcYiMcJmBOVU+Nctcdrpdg/tPoWL/iGT2IVKG1hOlGfuiToWBP0Cnc+7eREXn7UyFkA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 53ms
14ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 130ms
99ms Script
text/javascript 52.57.212.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.212.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6b4548bb7a59c4905c6e0e11b9f3990fdc62f0b74d6bbcf719c9199726efd806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 20:30:21 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 e666a54d-ff29-48f9-9baa-2be6ac05412e.js Show response
j.6sc.co/j/ 837 B
1 KB 476ms
412ms Script
application/javascript 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/e666a54d-ff29-48f9-9baa-2be6ac05412e.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVGPJJ5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-139.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 82ba33778a6595a59baef6e6964c64d7c3e9888c2bbf74461f1948b295db28e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: iBgsOgE4Kr3Z0Ccj2rm1wK8VxmZ_A29h
date: Tue, 14 Nov 2023 20:30:22 GMT
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 837
pragma: no-cache
last-modified: Fri, 18 Aug 2023 17:22:32 GMT
server: AmazonS3
etag: "29df5bb770be8e518fe2206581f712a6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: _ecfiweL7t964d8xMgE9m6AR74kDR1pYg-VoCrRqntpvVyEwJisB8w==
expires: Tue, 14 Nov 2023 20:30:22 GMT

GET
H2 200 site-insights.js Show response
cdn.metadata.io/ 3 KB
1 KB 11ms
10ms Script
application/javascript 2600:9000:223c:dc00:9:d7d4:1380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.metadata.io/site-insights.js

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:dc00:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f277f68dfdfd292d90cb8024420897e6915ab570803af77f6e2118dea071a7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: ODluRCoRelOVkyhnmrpOHlRTG26H_cXE
content-encoding: br
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
date: Tue, 14 Nov 2023 01:47:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 67457
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 Nov 2023 18:22:38 GMT
server: AmazonS3
etag: W/"fdaf99c1cb788098c0c033d7296cacf5"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: gbevR9AeqK5rMBzOKbBYXypBO4KnL51AOTCAMHTS5uH579gcfnENfQ==

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/83f2d51fb0164c438fbdaa8c29ed2e5e/ 43 B
424 B 423ms
103ms Image
image/gif 52.44.31.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/83f2d51fb0164c438fbdaa8c29ed2e5e/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.31.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-31-83.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 20:30:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,e199643e63fac3f4b02eeae553311a0f,10.0.0.125,32778,185.213.155.146,,40411097067,1,1699993821.915,0.001,,.,0,0,0.000,0.000,-,0,0,203,280,140,10,35796,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK 256149
bidagent.xad.com/conv/ 42 B
342 B 800ms
206ms Image
image/gif 54.173.34.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidagent.xad.com/conv/256149?ts=1699993821448
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.34.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-34-214.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 20:30:21 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 304 KB
86 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=1510dc4c2426450c8993fa72bcb7abf4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7f21373bc1ae7fed6cb759c0b776ee0a0adcd30797376ab98687884545e52fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.huntress.com/
Origin: https://www.huntress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 20:30:21 GMT
content-md5: GJa2EdnOUPhW/7L3x/ZvlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87805
reporting-endpoints
x-fb-debug: DfexJcvCNogiO4AkASnOi9L0LzNGRI9/sDVRhIQG53DBo9OXaQJCd9XVRxCGRdcjPE+lR4+A4rQZU8Q0sm/w0w==
x-fb-content-md5: 61079fa018b876548d2862d30a8d9ade
cross-origin-opener-policy: same-origin-allow-popups
etag: "23ed168f1e27b8805e3660e2516dc542"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 13 Nov 2024 20:13:43 GMT

GET
H2 200 modules.4fff30a11f83c70bc2a1.js Show response
script.hotjar.com/ 225 KB
56 KB 46ms
9ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2159185.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 462435
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57093
last-modified: Thu, 09 Nov 2023 12:03:05 GMT
etag: "90fe477ee0715709dc5b1153c76d0f7a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: uh6WDBU1eBaDQtVuXzRY_R1KB54Xvd73pJ2C5bWiAxsgXOesStVv3Q==

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 4AA6 319 KB
104 KB 10ms
10ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.huntress.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.huntress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3110267
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Nov 2023 20:30:21 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1015 B 196ms
157ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 20:30:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 742dbb61-e508-4f79-b1a5-ef004bf2f780
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 742dbb61-e508-4f79-b1a5-ef004bf2f780
Server: cloudflare
X-Trace: 2B73543C100BEB90A87D4899882C3BBA738B796448000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-s7swd
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 82620309097691f6-FRA

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 126ms
109ms Preflight
application/octet-stream 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 82620308d9ae35e8-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 14 Nov 2023 20:30:21 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 1
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-vvl5l
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: f043732c-3473-402e-8d80-696b26aa8e3b
x-request-id: f043732c-3473-402e-8d80-696b26aa8e3b

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
174 B 137ms
137ms XHR
text/plain 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/3911692.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3f1f3b2e-5e8c-4268-8d8b-2590dbb0bb40
x-envoy-upstream-service-time: 20
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3f1f3b2e-5e8c-4268-8d8b-2590dbb0bb40
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-28qjm
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 826203098af435e8-FRA

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4AA6 869 B
658 B 139ms
117ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b4568cc196f8627298b88643e876ee4ed7f1aed9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.huntress.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 14 Nov 2023 20:30:21 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 35b397a22a80ec31
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 108db1543a9e53f862a34fab3db86fad83e48879b3e4813d2735ef175b900468
content-length: 337

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1015 B 363ms
315ms Image
image/gif 2606:4700::6812:a07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 20:30:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 85e24501-cd1e-47f5-ac27-669662a93c04
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 85e24501-cd1e-47f5-ac27-669662a93c04
Server: cloudflare
X-Trace: 2BAEAD4F073C8F28AFF6732C0112F3FE9C32470D09000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-g6nd8
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 826203096b02bbf8-FRA

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=18417
accept-ranges: bytes
content-length: 3272

GET
H2 200 adsct
t.co/1/i/ 43 B
379 B 206ms
191ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=53354d82-8808-4d8b-8023-606d98468011&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=f33cd05d-d3a6-4d54-b4c7-6e0c398775e2&tw_document_href=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&tw_iframe_status=0&txn_id=odo68&type=javascript&version=2.3.29

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 185
date: Tue, 14 Nov 2023 20:30:20 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 04c07074d53232f5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d25c9c84c59a5a6c9ee06808f863d7b6f38b7c69912d2adef3e935f83a3e7a19
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 202ms
188ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=53354d82-8808-4d8b-8023-606d98468011&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=f33cd05d-d3a6-4d54-b4c7-6e0c398775e2&tw_document_href=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&tw_iframe_status=0&txn_id=odo68&type=javascript&version=2.3.29

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 181
date: Tue, 14 Nov 2023 20:30:21 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: dfdd8314c9dec398
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7a4917b8496efc3df9e156230b271e2271961f4082c4f8154b707ba321bd98cf
content-length: 43

GET
H3 200 403957864408442 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 272ms
272ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/403957864408442?v=2.9.138&r=stable&domain=www.huntress.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21e7a767b80a102e4313f26e3a65b273a07dcecacd30046f036438de7ce72280

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Nov 2023 20:30:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pwZUF705Wbo2gsQiRLhtu1ZHrxgMRHg7M04LMA+/7P5cddbNaNMN3iIROhv0iCFtKSo9EEpaXH/wu46Qau16qw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
435 B 147ms
131ms XHR
application/json 2606:4700::6811:589a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=3911692&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:589a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7c1b3818-b9ac-4035-a8a2-ec3b42503a32
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7c1b3818-b9ac-4035-a8a2-ec3b42503a32
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.huntress.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-pw49x
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 82620309a80b2c53-FRA

OPTIONS
H2 403 traffic
api-gw.metadata.io/ Frame 0
0 579ms
186ms Preflight
application/json 54.185.118.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-gw.metadata.io/traffic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.185.118.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-118-145.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 23
content-type: application/json
date: Tue, 14 Nov 2023 20:30:22 GMT
x-amz-apigw-id: OZ7SwHRpvHcEoNA=
x-amzn-errortype: ForbiddenException
x-amzn-requestid: cfdbeeed-bb50-4bf4-95d3-5898d02cb313

POST traffic
api-gw.metadata.io/ 0
0

GET
H2 204 cs
a.usbrowserspeed.com/ 0
0 621ms
209ms Fetch 34.211.31.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.usbrowserspeed.com/cs?pid=5de38576d91fe7ac65e01de48078379caf9e72e979b06a5762372b0c12e930ef&puid=loysffuw6xrogq1qg6j
Requested by: Host: cdn.metadata.io
URL: https://cdn.metadata.io/site-insights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.31.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-31-243.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
server: awselb/2.0

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
450 B 119ms
118ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17715818&r=1699993821706&ref=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17715818
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPox_j0IgcmkVIiWOOlvLiDOh7EYdRmyAwQNqXjtZgKXbcGQ1DIgLaiYsptOiRQ7HsYL51s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Tue, 14 Nov 2023 21:30:21 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 151ms
110ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17715818&r=1699993821706&ref=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.huntress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 20:30:21 GMT
expires: Tue, 14 Nov 2023 20:30:21 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPpCr3fgkBp7bpJ0-unBa0tZas1boplUyYYIA-2yByxD4LtuoVDRgjwNSHBCg7FX57W4sIc

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 24ms
7ms Image
image/gif 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1699993821709&id=t2_12z44i&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e1291e4d-8e91-4950-87be-cf6ec73f5a3a&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:21 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 54ms
53ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=673608374&t=pageview&_s=1&dl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&ul=en-us&de=UTF-8&dt=Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAgAAAABAAAAAAAAIk~&cid=2060860482.1699993821&tid=UA-67431920-1&_gid=800955599.1699993822&gtm=45He3b81n81WVGPJJ5v9127322656&gcs=G100&gcd=11p1p1l1l5&dma_cps=sypham&dma=1&z=1517291399

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 04:03:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59229
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187059084.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 36ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187059084.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf8edbedfd479fe7cc642e3a1db515dd1103f2d7864f0db5cae6144fbde44ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 14 Nov 2023 20:30:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8290C098ADB1434083AA75D8C93711A1 Ref B: FRAEDGE1811 Ref C: 2023-11-14T20:30:21Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 37ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187059084&tm=gtm002&Ver=2&mid=faf4e110-bdd6-44b8-bb20-bb56ff100254&sid=a23bf580832c11eeb85e0f437644e4cb&vid=a23c26b0832c11ee9bcd456e11104c71&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246&p=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&r=&lt=1073&pt=1699993820227,,,,,0,100,100,100,135,112,135,236,240,442,1065,1068,1073,,,&pn=0,0&evt=pageLoad&sv=1&rn=330072

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Nov 2023 20:30:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80E302486E274C08944FE9D85D0477CE Ref B: FRAEDGE1811 Ref C: 2023-11-14T20:30:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 98ms
97ms Stylesheet
text/css 52.57.212.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.212.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 35504f9cfa8ba1cba652feb2648a4347a3ff4a987d1280eb1013713e9762c23c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 20:30:21 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 114ms
100ms Fetch
image/jpeg 52.57.212.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.212.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 20:30:21 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 112ms
98ms Fetch
image/jpeg 52.57.212.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.212.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 20:30:21 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 152ms
54ms XHR
application/json 99.81.165.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.165.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-165-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fc3fb35c5c8d7c9ad56b8e4d7ea271b64507e1e56a96337706276fd2e01930cd

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 20:30:22 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
624 B 137ms
126ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=4

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d4de589e-8f1a-4b3f-af24-da87b6a2276e
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d4de589e-8f1a-4b3f-af24-da87b6a2276e
server: cloudflare
x-trace: 2BE3BFD3FF131D737030E9B8094197A7C869314514000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-n8fhc
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8262030b194b5c92-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3281745%26time%3D1699993821927%26url%3Dhttps%253A%252F%252Fwww.huntress.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true&liSync=true&...

0
265 B

208ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true&liSync=true&e_ipv6=AQLZ6SRcIN9XDwAAAYvPhyWcJ2rOpSO4LGvZV-S6l-CM2qBmBV4cWnebsb3-m40mBXRVyumf
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F755B7E5019C4AA59D24A279E93777E7 Ref B: FRAEDGE1906 Ref C: 2023-11-14T20:30:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKIqfuCLxWtNSX6pLwUQ==

Redirect headers

date: Tue, 14 Nov 2023 20:30:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F7198B3904C1442E856CB84608ED6436 Ref B: FRAEDGE1805 Ref C: 2023-11-14T20:30:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3281745&time=1699993821927&url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cookiesTest=true&liSync=true&e_ipv6=AQLZ6SRcIN9XDwAAAYvPhyWcJ2rOpSO4LGvZV-S6l-CM2qBmBV4cWnebsb3-m40mBXRVyumf
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKIqfqwQd8Chej3Iq5XQ==

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/1006267/ 0
172 B 129ms
129ms Ping
text/html 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267.js?p=https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuBMNuGiHbeo1Ugcu

Response headers

x-runtime: 0.003147
date: Tue, 14 Nov 2023 20:30:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, POST
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
vary: Origin
cf-ray: 8262030b1e679bf2-FRA
x-request-id: 195304e7-1f25-436f-a093-4cf7d988ba9d

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/1006267/ 0
289 B 122ms
121ms Ping
text/html 2606:4700:4400::6812:2b1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/1006267.js?p=https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryk40fw1NGINhd2gCh

Response headers

x-runtime: 0.003419
date: Tue, 14 Nov 2023 20:30:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: OPTIONS, POST
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache
vary: Origin
cf-ray: 8262030b1e699bf2-FRA
x-request-id: 63978c7c-30c7-43d9-b338-442335b07e46

GET
H2 200 187059084 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 204ms
144ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187059084
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187059084.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b4a82caa0fc65be097055243fca3a88abfcb2917b53f5819a847aa484296be53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: -1
date: Tue, 14 Nov 2023 20:30:22 GMT
x-azure-ref: 20231114T203021Z-98z6x52u397tt2unq3cbccm7b4000000022g000000024750
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=403957864408442&ev=PageView&dl=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&rl=&if=false&ts=1699993821962&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699993821959.1189796455&cs_est=true&ler=empty&it=1699993821664&coo=false&rqm=GET

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Nov 2023 20:30:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK 032f7c13-327f-4673-b5c6-54b187afdd14
https://www.huntress.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.huntress.com/032f7c13-327f-4673-b5c6-54b187afdd14
Requested by: Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
333 B 110ms
109ms XHR
text/plain 52.57.212.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=yZKscIIzalsoNin7qAYxQw&is_js=true&landing_url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&t=Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246&tip=eo0TccnhgiTYzY5OJ13YqN-lsq6UDVZvGA_g8k9awmM&host=https%3A%2F%2Fwww.huntress.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99b39b16f72b65a097ee343059088ebc4b9d59b92&sa-user-id-v3=s%253AAQAKIFumBDYN005ZR9qyWX9DDxv2VittFeOxoFGonRI8OdK5EHwYBCDdsc-qBjABOgRzygDyQgT58tL2.jFlenjvda076zJ%252BQJcHCjJkqcbm0hVY0qhDi%252F5mRoKg&sa-user-id-v2=s%253Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%252FuxtXAvNgBN3JAA&sa-user-id=s%253A0-9b39b16f-72b6-5a09-7ee3-43059088ebc4.AvWvseaN3SUPgmsPxz8SaXnGY1AiKGRNh%252BJTe6IvhEY
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.212.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fc573eaf0e39d6b2429951f78b744dde5acb4cbee85a9b903aea0210072d9b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://www.huntress.com
date: Tue, 14 Nov 2023 20:30:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
333 B 98ms
98ms XHR
text/plain 52.57.212.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=yZKscIIzalsoNin7qAYxQw&is_js=true&landing_url=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&t=Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246&tip=eo0TccnhgiTYzY5OJ13YqN-lsq6UDVZvGA_g8k9awmM&host=https%3A%2F%2Fwww.huntress.com&sa_conv_data_css_value=%270-9b39b16f-72b6-5a09-7ee3-43059088ebc4%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99b39b16f72b65a097ee343059088ebc4b9d59b92&sa-user-id-v3=s%253AAQAKIFumBDYN005ZR9qyWX9DDxv2VittFeOxoFGonRI8OdK5EHwYBCDdsc-qBjABOgRzygDyQgT58tL2.jFlenjvda076zJ%252BQJcHCjJkqcbm0hVY0qhDi%252F5mRoKg&sa-user-id-v2=s%253Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%252FuxtXAvNgBN3JAA&sa-user-id=s%253A0-9b39b16f-72b6-5a09-7ee3-43059088ebc4.AvWvseaN3SUPgmsPxz8SaXnGY1AiKGRNh%252BJTe6IvhEY
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.57.212.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-212-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fc573eaf0e39d6b2429951f78b744dde5acb4cbee85a9b903aea0210072d9b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://www.huntress.com
date: Tue, 14 Nov 2023 20:30:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 6si.min.js Show response
j.6sc.co/ 62 KB
17 KB 12ms
11ms Script
application/javascript 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/e666a54d-ff29-48f9-9baa-2be6ac05412e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4a6b23f2e9104338fbd23f2dbeed9d66d1e6ce39ff19c62b3df45a8fb1785105

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2023 16:55:18 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "655254f6-f762"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 16951
expires: Tue, 14 Nov 2023 20:30:22 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
465 B 108ms
107ms XHR
application/json 54.164.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.164.23.4 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-23-4.compute-1.amazonaws.com

Software

Resource Hash

8a633d29b4c207c21cedc873a2db9911520bf57a7f27df62f2e6adf32618aeff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 500747fc6d082ce63a8538b8e26f5e68

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
465 B 107ms
107ms XHR
application/json 54.164.23.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.164.23.4 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-23-4.compute-1.amazonaws.com

Software

Resource Hash

523e87cbc120ee7fe9482da321509a57b43bc2bf823fa19d13e46890f2d6d27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 5e16662bab9840050451f7ebe23f4bc5

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
577 B 43ms
13ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:22 GMT
an-x-request-uuid: fbc363df-ca89-4b34-bb0c-85145fd0cfdf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.huntress.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.146; 185.213.155.146; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 43ms
13ms XHR
text/html 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.huntress.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
311 B 48ms
7ms XHR
text/html 2a02:26f0:7100::5f64:87f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::5f64:87f1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:22 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.huntress.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:6:f011::2e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699993822081_1600423917_341865542_18_800_5_14_219";dur=1
content-length: 20
expires: Tue, 14 Nov 2023 20:30:22 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 205ms
196ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 209ms
200ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22a87a3edc53b5a86d1795d11887b5aa39%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e666a54d-ff29-48f9-9baa-2be6ac05412e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 202ms
197ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A2e%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Requested by

Host: www.huntress.com
URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.16/ 59 KB
25 KB 25ms
25ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.16/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187059084
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:22 GMT
content-encoding: br
last-modified: Sun, 12 Nov 2023 10:55:20 GMT
etag: W/"0x8DBE36DDD4CF754"
vary: Accept-Encoding
x-azure-ref: 20231114T203022Z-98z6x52u397tt2unq3cbccm7b4000000022g000000024768
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 93f20783-201e-001c-3460-167cbb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 530ms
307ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.huntress.com
Date: Tue, 14 Nov 2023 20:30:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 core Show response
rc-widget-frame.js.driftt.com/ Frame 3ED0 2 KB
1 KB 620ms
376ms Document
text/html 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1699994100000/5d3cypit2iz8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14e6206b0b854f8eb373b1ccfbac42efdb97e1034de1355abb4ee81aa0672ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.huntress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 14 Nov 2023 20:30:23 GMT
etag: W/"6a5cea74d414ec151635bd2880abb1c3"
last-modified: Mon, 21 Aug 2023 14:57:03 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-id: Mt7kpFBRBQzUIcGAZIWnTSOFo5NXC4Km0r-He5AcgUPaPjUr0y_34w==
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: hIxJdEPbt_45OV8bTT9Ad1M7VE.ABA8G
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
607 B 158ms
138ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=972325071&v=1.1&a=3911692&pi=144873329013&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cpi=144873329013&cgi=39343107504&lpi=144873329013&lvi=144873329013&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&t=Critical+Vulnerability%3A+SysAid+CVE-2023-47246&cts=1699993822970&vi=e91584934f64e795227d33e041f16456&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e3c4efe6-56a1-4d90-b13f-0a3caef101ef
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e3c4efe6-56a1-4d90-b13f-0a3caef101ef
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0Ht941qJlRLucyovj%2F1BDrfu6F8OxpdaAoKvvxhqw%2BsOisjO03j8UxgRB4APhewRES7HVy7LErA8m2Uo8rj9Hsd8AF4VfCZt45WVpuVjgBnV8zHkDlqyTsMwQJhR6X8Wi5RdESGweeNFacSt9RK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d79fcfc45-4dkd7
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 82620311bd8c196a-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
438 B 165ms
148ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=196be66c-f1bb-4156-af05-2952954526cd&fci=ae2db165-8795-4042-8b33-a4a223a49258&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=972325071&v=1.1&a=3911692&pi=144873329013&ct=blog-post&ccu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&cpi=144873329013&cgi=39343107504&lpi=144873329013&lvi=144873329013&lvc=en&pu=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&t=Critical+Vulnerability%3A+SysAid+CVE-2023-47246&cts=1699993822972&vi=e91584934f64e795227d33e041f16456&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 11d9d5fd-c5de-4218-aabd-24115bb20759
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 11d9d5fd-c5de-4218-aabd-24115bb20759
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3cw8HY9GCKNQjlmMn1dhXwsnKnUNFSSy03krLsr79PDCUbibMkWIJSLtWOj4UOOckb9CwZ6J8q1TjO2vNBTD5qKQQE5yKUhgZHG1E6qw6zm806eQM47Fiuj8CiQ%2Fz%2Fm5uOBMqw%2BmG6cOrQ0WLAz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d79fcfc45-kdwc6
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 82620311bd8d196a-FRA
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B83F50BE857944BC9BE26DE4F6E73736&RedC=c.clarity.ms&MXFR=3B3A6582D1EA600F26A8764BD5EA6E2C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B83F50BE857944BC9BE26DE4F6E73736&MUID=3723CFCD2AA360E2040CDC042BA361A7

42 B
443 B

30ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B83F50BE857944BC9BE26DE4F6E73736&MUID=3723CFCD2AA360E2040CDC042BA361A7
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:22 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 20:30:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66EC7116DA3A4C9FB2DA0939BC2A7C99 Ref B: FRAEDGE1811 Ref C: 2023-11-14T20:30:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B83F50BE857944BC9BE26DE4F6E73736&MUID=3723CFCD2AA360E2040CDC042BA361A7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 196ms
195ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A22%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 runtime~main.23dacaf3.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 6 KB
3 KB 367ms
366ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7573e5629fdd86c1b9715e81fd55e01c7cf7febbfc3562f5acbb757c0d4cce64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:23 GMT
x-amz-version-id: pIvWjpmnkFEOPFn4Wb5jKsJCJYLlBZpR
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 46
last-modified: Mon, 21 Aug 2023 14:57:27 GMT
server: istio-envoy
etag: W/"7bebf8444c728503329344c5817cc4e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GocD3zkcLQakOZK9tI6OI6gtGx2bhWIOYUBEs-G481Qr-0du9i_udw==

GET
H2 200 9.4a3e9801.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 35 KB
13 KB 415ms
414ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:23 GMT
x-amz-version-id: OcMj73T8j58Wcv.SNzJ3wkvLKTZz2NNS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Thu, 09 Nov 2023 16:46:50 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q8-b6v5aQT7rjrr39CrYAfO2fa8nmp9tkETNGiJADK5PO7YaxwXYiQ==

GET
H2 200 main~493df0b3.91dc5a14.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 7 KB
3 KB 350ms
350ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/main~493df0b3.91dc5a14.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1ce5bbfddabe83a619dffbd897ac79e94ca961f04cf463583a421a22f5329938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:23 GMT
x-amz-version-id: aQ8O6UMWsN.2o5G5k1LSH1svCMcNLzIM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Mon, 21 Aug 2023 14:57:27 GMT
server: istio-envoy
etag: W/"c11c9776fa434757756e10e6ded61c75"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _GTFkZ4OTw6fS1dYXtTMZTuEtKAnOp4GFlxk78j1iSkJbLfmvi2Quw==

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
296 B 129ms
129ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.huntress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.huntress.com
Date: Tue, 14 Nov 2023 20:30:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 216ms
215ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A23%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 51.558be3c5.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 23 KB
8 KB 375ms
370ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: ed5.Vb2NxOS1q3a7YtOJIJWbflrFSMpb
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Thu, 09 Nov 2023 16:46:49 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hCcPLuk61Qm8AVQef0MYEiFg5E7AyL2wkCn8ORW2o10adD7i13VjLg==

GET
H2 200 33.ae4de0a0.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 36 KB
10 KB 438ms
433ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/33.ae4de0a0.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: PUG2tPuHbg6UXU15H37d6Lifu.5b8Act
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"db0cd5b66c52523e10b87a0c8a2db182"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kiQoZQqXn9X8T94Mgo1kHDxk0eJP42on4IBQ67YFpLh0hXt2mHk9hw==

GET
H2 200 22.6b9a301a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 32 KB
11 KB 288ms
283ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: y.FHYjH1l6SnWiGEMJwnb7IZOwV7WiTO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Thu, 09 Nov 2023 16:46:48 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CvM7mONT88aQeAMAwadyJJJDEyyHtPwE7h1uorNDIfe92CPoB_VOsg==

GET
H2 200 19.6f85b843.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 17 KB
6 KB 210ms
206ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: he7pY35dnE8iJLnfYS7PIIYJN2NbTvQL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Thu, 09 Nov 2023 16:46:48 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aw4H9n7WfHQ1kVBRnGJydmPu3EyrkJxeDeF-jNcJlOxcvNYLNI__zA==

GET
H2 200 41.b4fc4de2.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 25 KB
8 KB 453ms
449ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: Ij_1xaX3XgEHfn82OG0l5wdBiH4c2kQ0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Thu, 09 Nov 2023 16:46:49 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BaEHTcx3v5YEU7j8gC0eBPkmDw9NkpBxqI3ZGetQEGtmxO2jNZrrSA==

GET
H2 200 20.8c21ea18.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 74 KB
23 KB 434ms
429ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: CnXtoeijMdApM4S3FcFzi6pTlZu249rD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Thu, 09 Nov 2023 16:46:48 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jUqVZwEGwZ8mbymsTSTOQBlEktbOHrPAIvukCtVPgSHpgaX4LfPd0g==

GET
H2 200 27.3951aad8.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 66 KB
20 KB 397ms
393ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: PLRwkxTy0W_1o8rwzVQG6XR9UyxAvjNh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Sat, 02 Sep 2023 21:37:07 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KOohlF8kBfGNbEtKD97OgeEM_j3wzq81tt_UVOnmlGEIc_T4PP6Suw==

GET
H2 200 14.e24a6190.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 91 KB
28 KB 354ms
350ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: RG3zfIgfCMpGZ2frWHasfv0YK5uSy4FN
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Thu, 09 Nov 2023 16:46:48 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kMaadRDiDE3qIjA71vP7I92UuxTzOaoY3hgjL486JVl3lZIUbEhyvQ==

GET
H2 200 11.639238ba.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 23 KB
7 KB 379ms
375ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: cc74Iq04mDkVokAj0QDtA5zK4SrLZ3EF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 09 Nov 2023 16:46:47 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bTSKjCVINOVcYqAjx2xEGdCO_U1trdf4puGgV-gSYwFF99cFHoVI_A==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 62 KB
20 KB 305ms
301ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: KgGl_hkZ33_QOWTAvRUPtkeSGWKR7hhX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Thu, 09 Nov 2023 16:46:48 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aLOlvrDzG-EHWVplOwSezn-_EJ9A86324kJSYDubhaTNDqeDRF9bSA==

GET
H2 200 49.f7274268.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 105 KB
34 KB 529ms
525ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: JoIPUkIXJPoipcw9X1nfsQk015WOgQr5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Thu, 09 Nov 2023 16:46:49 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rtw-yAfjzDPbG4PUOfTdoJP7DUNrgDLA4EJVS7K8nOTxd1sNQco5xg==

GET
H2 200 40.31ef8dbf.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 12 KB
4 KB 471ms
468ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: 7WRVREC_cpOOfcU8CBUNKma_ca7JkA0q
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Thu, 09 Nov 2023 16:46:49 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w7YDz1Fz_lH3FAtbuIcNDSufMvRUpR5Ttm43xsWJXPx8nv7_e2bMIw==

GET
H2 200 29.31d09948.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 13 KB
6 KB 481ms
478ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: PiLARYxPQ5.H_XJqM4WP.tv54Y4jmwVh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Thu, 09 Nov 2023 16:46:49 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M3pbYDzJfjEJkzQcfCLphvvbMBN4BvF64GROpGnoM0uJtGktwrd88A==

GET
H2 200 21.b8c41db9.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 17 KB
7 KB 466ms
463ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: 3IPuQ.XgSqznHH9Do5ZMqbrUVx7Lz7iS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 09 Nov 2023 16:46:48 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7_0HoyfZ33HDYr-CRgIJzdty3i2P17_TGp-BhuVV_1G-t0ort-fKrg==

GET
H2 200 8.98b34517.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 31 KB
5 KB 358ms
355ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

794dc30b5582c5b0c4a06c2e0776f6527a84c91d5f7abb9384e7588d0ab3a910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: iNKtCZtb69S5Xg2ti_W3KaKTIlBxoqLp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"82429fd1682dcb60e14996ad58a35a4f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5l9fY8qD-qUFCFf_xw9k9wkkauFLI5xSM9xHKaWutg1hKeeg2mxdYg==

GET
H2 200 8.5fdda827.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 81 KB
25 KB 472ms
470ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/8.5fdda827.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e523f47c65c171a685ca8f1bb0c0c432f4d71104fa56e8f6163126ec908cc430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: s5Gs7OuwDj2F26kpSyydH_032jxZE3YX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Mon, 21 Aug 2023 14:57:26 GMT
server: istio-envoy
etag: W/"f78079aaffe016efb8ec35b9fbb9f42f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AaFCarjV_PtzCK4iPOKhoU3_HxbrwKJw4a-eNrBWwgnZgcyaYJu19g==

GET
H2 200 16.22abfce0.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 24 B
696 B 465ms
463ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: 4IfrIjYyCrfgmZRSIKSF9YG1Vf8SbjQR
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 24
content-length: 24
last-modified: Thu, 09 Nov 2023 16:46:46 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d0jp47Yissrs9wOsHl7y3E2IQI0OsqGxIsS_eETQLSqCKpcn0cw88w==

GET
H2 200 16.890a0911.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 91 KB
24 KB 542ms
540ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/16.890a0911.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

860c659e8836feb6a6b4fc4c9b7195e4ab0a04e4642473c0780ae554fbf6ffb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: 2cJi_0AtsucvWstmkbj3mO1t8SiuDMru
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"52b055a08e59141b8f7b7947c7d7ab69"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4MbBQcQiVb8miNVGPiixgTxhX3HtbZ8m6Y2cxvyfUQjINmpsjfSdhA==

GET
H2 200 24.24e43c3b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 50 KB
14 KB 461ms
459ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/24.24e43c3b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

eb6ce397310855bbef74043afcdda989653ad7b7b385191e8c8d622eee74b367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: J3Ynz_VL_Xe.kEj4VqPxsio5dIqXBI10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"390d4b78f4c738295b7974aca941d031"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nyf7Ml3m984K4Qmgdk2V_wO8I29yDHEJSubKqCCcb_zB9P6M9UXMjg==

GET
H2 200 17.413337a8.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 40 KB
13 KB 515ms
514ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/17.413337a8.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

10b977a814bd9ca3e018a07b6e1197c9a9fa89a27a2419158d22f41ab8a29508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: Ud1ylpzTdwt3qfnkRXUYob2T_ovQMI1N
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"4aea30e551ee7f04a564c0408c291306"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d9L-IDXGU460mfH3piUGsN-2m7qG3S0kCjq-kGTpKPvQmergZd1o3g==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 9 KB
3 KB 203ms
199ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: wR0M2Ne_bncq7V2Jl6Ja9N7Mr7TvjAiC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 09 Nov 2023 16:46:47 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xL-qpXd6wz8kp5YQ7ncLupJ3agtIzkOX4bodfhyBZWPmohCXJWLBTQ==

GET
H2 200 4.07aa08a5.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 7 KB
2 KB 335ms
332ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/4.07aa08a5.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: wzblrhR8VgaZ91O5gq0aMSI2PU89S5cp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 02D2eJn37UXRKiYPa-7ehWo8NRYHQp5Ff7rLRaY-wHlkjPfgJI_3Ug==

GET
H2 200 4.36582b8b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 54 KB
15 KB 265ms
262ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/4.36582b8b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6a6a06c6f8fb209f9e92af2bb5ed0c0d0e767211a1a92e631e1d0ce056488387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: aXK3nhxEmGQGmcWeEUpmTanxIifnp1mO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"eb4f4fdfa625f5036ae2538950af438e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vVlhqCJmaiaOmp7zVKqHvqRcDXRYrl14q9vAs9vw7RMtnE8Zs5KFMA==

GET
H2 200 34.4924e4bf.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 27 KB
8 KB 410ms
407ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/34.4924e4bf.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

15736c00b563c558ec1e7d531c0d8bd7d8cc24c2026adbc2dcf0ccd3e48f7d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: T7ywXmlgZ2pn_NjEp3YMDrKgM16OYgwy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"2a9499a40949c70c9c00081b06639cb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lmyKSripESo9ZbLyZYXi8XXPPot7KSj3KjuO_KvausVhEIHjgoHqDg==

GET
H2 200 1.12ba17b6.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 44 KB
7 KB 341ms
337ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: qt3I2hwoMF72_syqg0KoC3mWUOCiYi_f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 09 Nov 2023 16:46:46 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Idl1rg1LY2dSmxeXTAdhXXk1WuqgDriMi4vgHf5_2w7dN8z-HEUuoA==

GET
H2 200 1.9d9c8c3b.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 54 KB
18 KB 200ms
197ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/1.9d9c8c3b.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e4e01da0230734413d39e4657ac95b4ccf45092ff61a162aa1f4d111a166735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: TN5uaySIype7BWdOQeU5pFJLqRV.3qiK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:24 GMT
server: istio-envoy
etag: W/"bc8dde7d353b792cb424661adcff29fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -J7sVd0eeb-cn5TAdjDd8xC03IA5GT0k98pM9suTLGRt17JKh_me7w==

GET
H2 200 3.bbe0e1fa.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 24 KB
10 KB 330ms
327ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/3.bbe0e1fa.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ba3035c1cbfbd4ebb878f85acde3d846c6e9e90081de78ddcaf3126b4e8823b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: pHxDHN0IINa0RNuxMPvQ8pBn4Eg1GWSc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"b394f9cf6fe473cdb6852b332234aa52"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8LN24NUdIIaJK_fgH1T9zviiWJ9JMYgKXeSYP1wRmi3tbh1OppqTqQ==

GET
H2 200 26.5208cc6b.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 11 KB
3 KB 199ms
196ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/26.5208cc6b.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0591af742c10a8ad2020502cccbf97cb4fc1cfc48acaf588043d70e77b2c3aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: SrCjVsE3413g5wEL9F8CX8IFIQaqzFVz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"0842e637a23acc114afbb6195c984564"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L4-cmldj5cjd-drb0DGKD3jsR3MuE7MfgX-OQoNQ6zmyJGTM-8fyQA==

GET
H2 200 26.69219246.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 16 KB
6 KB 410ms
408ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/26.69219246.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d674a115404e8d29a650437584421bd9d7ec57c4d43fe3e0a09adc080d521c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: xHgUeRJlJNXFuOCOFJ6VHVB_xDcgAWBV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"c41c7243f45ea540e99a3256f4942432"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZP53396FwMn9YlNVnzgy-HZDU9mdvw9pE0uVZJc_SxRNTL4KV9XJLg==

GET
H2 200 25.7addeee7.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 9 KB
2 KB 332ms
331ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/25.7addeee7.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a7a9292edd72228ac6b7839b6e29a832ab45515a5c78d548ccd5fd8a2b1942ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: EFJHE_lMh.tvaT0GqPW.1ROLceWNBRoz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"b9011653b355d04d18b2ff93e45e1ecd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S4qZdWn3cHkIfxkpzvU0nlQ1LUglNyY713Qql7wizyb4eAGZLPeWGQ==

GET
H2 200 25.915ff314.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 47 KB
15 KB 346ms
345ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/25.915ff314.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e5149bac0cdad7bbd9d1b7badb88909929d324ee90b6dd1628e0c59024d68e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: qod1m4nnLfUgaMaxljkZuFfY2SywXHfx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"12bceaba2da6c30ab2a0aacbde681b0c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ntkWaRw796T7dYGTnk3jxAyIZWlzutCFUtPgAFJy_s0L4lbfU48Iuw==

GET
H2 200 28.e29661b2.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 561 B
1 KB 335ms
334ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/28.e29661b2.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d04196ec92f307c66ad56e3adbd4536e6c504a251299183c2c016de66a65af39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: yOY99EI9PDEu6PYQSPkvCce7eoR8ev5W
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 21
content-length: 561
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: "5847d5731c3141aa511411d6c66a193c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gB_xxUbpxx7GqyKs0zc6a98HjbRPZslb2ZpbXRCOz27rz3wefnh_bQ==

GET
H2 200 28.7257241a.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 49 KB
14 KB 341ms
340ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/28.7257241a.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f4d1dc5e2bebcc6c035e733b5586f308c032e377d490d733835fbc1fb0e5d979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:24 GMT
x-amz-version-id: Aw7E9DaiC.0zygWe8D.HQj28dALSaXA6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"e737f53b0791dac4c523770b4992131c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _2A8_Ob4tfSSAU2FcA6tR9zGL_FGgCSU30A31Tgs1QVAxVNNB7Cfnw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 263ms
263ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 35.3cdf48ae.chunk.css
rc-widget-frame.js.driftt.com/core/assets/css/ Frame 3ED0 16 KB
3 KB 191ms
190ms Stylesheet
text/css 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/css/35.3cdf48ae.chunk.css

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1650436b42349eba90400162f9104f8abd0e8b846cf91d26c907c300dd8d7f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: V1yopT2bXZUj.CNczvGqS7_vfWAIiP2A
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Mon, 21 Aug 2023 14:57:23 GMT
server: istio-envoy
etag: W/"ac16e52f547ce8f3de32d9d7d591c2c0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x9dznIQnmAIe45FlP7sW5yQxgR6W8q_Geox4J-UiqnWgIgxsduPjoA==

GET
H2 200 35.3969a3d7.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 11 KB
5 KB 377ms
377ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/35.3969a3d7.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ca38f2df2a3be653605830a05931aeac85fbd1c3fa2e483a334fdc25e3463503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
x-amz-version-id: _L8fRFK5jC3YnnGaFitzP.KBJ4MXVS_2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 76
last-modified: Mon, 21 Aug 2023 14:57:25 GMT
server: istio-envoy
etag: W/"dcd622adceee29d53432ca3f6e9eb777"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bjVnLIjw049IakV8uaqYew-FSvEy48bcTpL27JInaCwy3ocjlwiC0w==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 3ED0 208 B
647 B 362ms
103ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

facf8de270be69de3d2a6fc877d6bbf24baacdeb6f8c5b39a4ac4853bcc096bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: d735ba7c05a2e0e8
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 208

POST
H2 200 v2 Show response
customer.api.drift.com/integrations/hubspot/utk/ Frame 3ED0 2 B
65 B 165ms
165ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 20:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 5a114a77d96f4da0
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 66
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2

OPTIONS
H2 200 v2
customer.api.drift.com/integrations/hubspot/utk/ Frame 0
0 134ms
100ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/integrations/hubspot/utk/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-widget-frame.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 14 Nov 2023 20:30:25 GMT
requestid: drift6ed757a49d8b358a23b6bbd5347
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 3ED0 25 B
112 B 150ms
110ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 20:30:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: d9d83e3690b9adfb
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 3ED0 10 KB
4 KB 261ms
261ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

088cc4fbc0cfa8ee91482ef7002d65bd9c54adb9f37115fe07cdc0e7017cb85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 20:30:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 2c61d314f6b7403
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 163
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 207ms
207ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame 3ED0 624 B
684 B 101ms
100ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

b14ef302cddac1c80c684cff402818a99baa0ddb49cc72ae59b93059a7c2b129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rc-widget-frame.js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMDA5MzcyOTI4OSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwOTI4MDQiLCJleHAiOjE3MzE2MTYyMjYsImlhdCI6MTY5OTk5MzgyNn0.Y1md1hDJ5ZFCkNvl7gMnAimZ1Wz3bRYWtigwuJhkVMuG4FaMhH_dfG7WjCAcWoi9p9gnb-YPmZmPIVxrSFscwQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 20:30:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 74a4859a3f381992
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 624

GET
H2 200 57.28dde8ce.chunk.js Show response
rc-widget-frame.js.driftt.com/core/assets/js/ Frame 3ED0 19 KB
7 KB 168ms
167ms Script
application/javascript 13.249.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/js/runtime~main.23dacaf3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-6.cdg53.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=5d3cypit2iz8&eId=5d3cypit2iz8&region=US&forceShow=false&skipCampaigns=false&sessionId=9b172651-390e-4f78-9431-679c450e5813&sessionStarted=1699993822.93&campaignRefreshToken=f7dc2dc4-c630-4e5a-86af-a542c49be878&pageLoadStartTime=1699993820467&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:26 GMT
x-amz-version-id: v17Mqmwbdm_rFq_By.P8v6UnbyCYAJEB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 d6ca02594f64feaa0041e70bddff61ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 09 Nov 2023 16:46:49 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nM3UTBep08iMdQixLAASU38EDe6uWG1Rg_BgLPTikA92_jIkuWKi8w==

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 122ms
99ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://rc-widget-frame.js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Tue, 14 Nov 2023 20:30:26 GMT
requestid: drifta6540e64319ae28f7c89f1d012c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 3ED0 11 KB
11 KB 24ms
8ms Font
font/woff2 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:09:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 4886443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
content-length: 11028
last-modified: Fri, 03 Mar 2023 19:55:17 GMT
server: istio-envoy
etag: "1f6d3cf6d38f25d83d95f5a800b8cac3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RMb9FO0sHk-JpcHk7ME5tXirafxdQ3Pk30USj8qOveiqokiAwlITNg==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 3ED0 11 KB
11 KB 24ms
9ms Font
font/woff2 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core/assets/css/8.98b34517.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-87.fra60.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rc-widget-frame.js.driftt.com/
Origin: https://rc-widget-frame.js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 00:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 850650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
content-length: 11040
last-modified: Fri, 03 Mar 2023 14:31:39 GMT
server: istio-envoy
etag: "5e22a46c04d947a36ea0cad07afcc9e1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: binary/octet-stream,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vMp-4KjGELwKCY15Jyn16wmOX--RpB6N-IrKbhjwqAdBBxpi3xN9Pw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 206ms
205ms Image
image/gif 2.19.96.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=a87a3edc53b5a86d1795d11887b5aa39&svisitor=null&visitor=385087ea-4b18-4aed-8c1b-df41cd21b503&session=42955d8c-bace-4692-8d6f-701f01b89f73&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Nov%202023%2020%3A30%3A26%20GMT%22%2C%22timeSpent%22%3A%221020%22%2C%22totalTimeSpent%22%3A%225027%22%7D&isIframe=false&m=%7B%22description%22%3A%22Huntress%20has%20analyzed%20the%20emerging%20SysAid%20CVE-2023-47246%20vulnerability%20and%20recreated%20the%20attack%20chain%20with%20a%20proof-of-concept%20exploit.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Critical%20Vulnerability%3A%20SysAid%20CVE-2023-47246%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.huntress.com%2Fblog%2Fcritical-vulnerability-sysaid-cve-2023-47246&pageViewId=39a04cc3-a0a5-47af-838a-60ba36ab604f&an_uid=0&webTagId=e666a54d-ff29-48f9-9baa-2be6ac05412e&v=1.1.10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.139 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-139.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.huntress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 20:30:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-gw.metadata.io
URL: https://api-gw.metadata.io/traffic

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.huntress.com/	1970-01-20 16:13:15	Name: __cf_bm Value: OvJBfd0woe8ElzASyCu5qAjA_benmo85j1r5rOTyOJY-1699993820-0-AdR3QzKaViX7Mb0J0jJN6X9nB53Ub9UXGSP/LVR7LjknsvkY+OPUOmBWPLdTDEM3rAG3PnEChqGdihWi9JW588o=
.www.huntress.com/	1969-12-31 23:59:59	Name: __cfruid Value: fb6d32f56bf52a3f40dfef93c958e23a878c53e5-1699993820
.huntress.com/	1970-01-21 01:00:16	Name: _vwo_uuid_v2 Value: DDA5CFDC820B94FC015FD10630D923EB3\|800fc0720c1cf9fbf5714d9b2dfd9d55
.huntress.com/	1970-01-20 16:13:15	Name: _sp_ses.1564 Value: *
.huntress.com/	1970-01-21 01:49:13	Name: _sp_id.1564 Value: 9820fe3d-e234-4d53-a57a-6d3d74945935.1699993821.1.1699993821.1699993821.bb6bcbec-1b38-4e54-9f37-92932ef8f0d5
.hubspot.com/	1970-01-20 16:13:15	Name: __cf_bm Value: Cipz91HvaRfl30p63Ofz_DwhSbbSitNSxwWDvbSEW_k-1699993821-0-ATZi2nQ7IyNBzWsuu12Da3N6jSLxc1V5+Edx5p8LfMtbrjvRn37U5q1Qr/WRaBmt3IlsKfBNsrUiutyS/pwAEu8=
.techtarget.com/	1970-01-20 16:13:15	Name: __cf_bm Value: QAFwDojR_Oq7roPr123flPmQXKXHOOWk8wjsUT34QLQ-1699993821-0-ASPlMiLPZ4hHJioviv+XePpFX/2nrvMguNu7s3ZfIOYA9mZLUZnfAYvOLjag2NDOInjTtuW723cv3KZeVqiyT+4=
tracking.g2crowd.com/	1970-01-20 16:33:23	Name: _session_id Value: 1628ac3297b7ae86d0612d32be602ef7
.g2crowd.com/	1970-01-20 16:13:15	Name: __cf_bm Value: 1bZ6t2KO5_jSvaJBoUqhrZF.7sENA96z3FGr_TB1gI4-1699993821-0-AdnqcBiJJ/xGJPcvvpt1qLh5r/s3d7nhMDjEqk87rQ7s7ElNNFQX7eY5ScU+niwQlIi1vFK+7XLpDPV9iOfRNh0=
tags.srv.stackadapt.com/	1970-01-21 00:58:49	Name: sa-user-id Value: s%3A0-9b39b16f-72b6-5a09-7ee3-43059088ebc4.AvWvseaN3SUPgmsPxz8SaXnGY1AiKGRNh%2BJTe6IvhEY
.srv.stackadapt.com/	1970-01-21 00:58:49	Name: sa-user-id Value: s%3A0-9b39b16f-72b6-5a09-7ee3-43059088ebc4.AvWvseaN3SUPgmsPxz8SaXnGY1AiKGRNh%2BJTe6IvhEY
tags.srv.stackadapt.com/	1970-01-21 00:58:49	Name: sa-user-id-v2 Value: s%3Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%2FuxtXAvNgBN3JAA
.srv.stackadapt.com/	1970-01-21 00:58:49	Name: sa-user-id-v2 Value: s%3Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%2FuxtXAvNgBN3JAA
tags.srv.stackadapt.com/	1970-01-21 00:58:49	Name: sa-user-id-v3 Value: s%3AAQAKIFumBDYN005ZR9qyWX9DDxv2VittFeOxoFGonRI8OdK5EHwYBCDdsc-qBjABOgRzygDyQgT58tL2.jFlenjvda076zJ%2BQJcHCjJkqcbm0hVY0qhDi%2F5mRoKg
.srv.stackadapt.com/	1970-01-21 00:58:49	Name: sa-user-id-v3 Value: s%3AAQAKIFumBDYN005ZR9qyWX9DDxv2VittFeOxoFGonRI8OdK5EHwYBCDdsc-qBjABOgRzygDyQgT58tL2.jFlenjvda076zJ%2BQJcHCjJkqcbm0hVY0qhDi%2F5mRoKg
www.huntress.com/	1970-01-21 00:58:49	Name: Metadata_visitor_id Value: loysffuw6xrogq1qg6j
www.huntress.com/	1970-01-20 16:13:15	Name: Metadata_session_id Value: loysffuwke0105oenk
.huntress.com/	1970-01-20 18:22:49	Name: _rdt_uuid Value: 1699993821708.e1291e4d-8e91-4950-87be-cf6ec73f5a3a
.ws.zoominfo.com/	1970-01-21 00:58:49	Name: visitorId Value: 55e7a7801c17f34061be223e8621a73d8078f56a5d699fc4733d1cdf84dd049f
.zoominfo.com/	1970-01-20 16:13:15	Name: __cf_bm Value: PuNyuWBOfWBvDVGbBBijLFf_Nluzw5aVZVB3g2xh7Vs-1699993821-0-ASWu/LElKjYdJwJ+tPp3l5A+4ObSs5uZORiBAih6bFSv1cbT3Ehd40ZMiHKa0B6lQ09NNnImwRYw8M3dOsTS+PE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: scR3h.wE.BHxFsDh36OizVNtlb_9n5f.OF3qNqRfsVE-1699993821723-0-604800000
.huntress.com/	1970-01-20 16:13:15	Name: _hjFirstSeen Value: 1
.huntress.com/	1970-01-20 16:13:15	Name: _hjIncludedInSessionSample_2159185 Value: 1
.huntress.com/	1970-01-20 16:13:15	Name: _hjSession_2159185 Value: eyJpZCI6ImM1OGRkYThjLTVjMWYtNDM4NS1iMjYxLWZkZGRjYzJjMWI2MiIsImNyZWF0ZWQiOjE2OTk5OTM4MjE3NTQsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.huntress.com/	1970-01-21 00:58:49	Name: _hjSessionUser_2159185 Value: eyJpZCI6IjBjNDRlZGI2LThjYzMtNWY4NS1hZTc5LWNlMGRiYTQ3ZWQ2NSIsImNyZWF0ZWQiOjE2OTk5OTM4MjE3NTMsImV4aXN0aW5nIjp0cnVlfQ==
.huntress.com/	1970-01-20 16:13:15	Name: _hjAbsoluteSessionInProgress Value: 0
.twitter.com/	1970-01-21 01:49:13	Name: guest_id_marketing Value: v1%3A169999382171933140
.twitter.com/	1970-01-21 01:49:13	Name: guest_id_ads Value: v1%3A169999382171933140
.twitter.com/	1970-01-21 01:49:13	Name: personalization_id Value: "v1_9T2WbEzvNw+51YpNQJMCdw=="
.twitter.com/	1970-01-21 01:49:13	Name: guest_id Value: v1%3A169999382171933140
.t.co/	1970-01-21 01:49:13	Name: muc_ads Value: 6630c5c1-f81d-49f7-9a5a-d1cbd25bbd5d
.huntress.com/	1970-01-20 16:14:40	Name: _uetsid Value: a23bf580832c11eeb85e0f437644e4cb
.huntress.com/	1970-01-21 01:34:49	Name: _uetvid Value: a23c26b0832c11ee9bcd456e11104c71
www.huntress.com/	1970-01-21 00:58:49	Name: sa-user-id Value: s%253A0-9b39b16f-72b6-5a09-7ee3-43059088ebc4.AvWvseaN3SUPgmsPxz8SaXnGY1AiKGRNh%252BJTe6IvhEY
www.huntress.com/	1970-01-21 00:58:49	Name: sa-user-id-v2 Value: s%253Amzmxb3K2Wgl-40MFkIjrxLnVm5I.1iZ4VIUDevCOYU66XqgTvZNG2wgU%252FuxtXAvNgBN3JAA
www.huntress.com/	1970-01-21 00:58:49	Name: sa-user-id-v3 Value: s%253AAQAKIFumBDYN005ZR9qyWX9DDxv2VittFeOxoFGonRI8OdK5EHwYBCDdsc-qBjABOgRzygDyQgT58tL2.jFlenjvda076zJ%252BQJcHCjJkqcbm0hVY0qhDi%252F5mRoKg
.bing.com/	1970-01-21 01:34:49	Name: MUID Value: 3723CFCD2AA360E2040CDC042BA361A7
.huntress.com/	1970-01-20 18:22:49	Name: _fbp Value: fb.1.1699993821959.1189796455
www.huntress.com/	1970-01-20 16:23:18	Name: slireg Value: https://scout.us4.salesloft.com
www.huntress.com/	1970-01-20 16:23:18	Name: _an_uid Value: 0
www.huntress.com/	1970-01-21 01:49:13	Name: _gd_visitor Value: 385087ea-4b18-4aed-8c1b-df41cd21b503
www.huntress.com/	1970-01-20 16:13:28	Name: _gd_session Value: 42955d8c-bace-4692-8d6f-701f01b89f73
.linkedin.com/	1970-01-20 18:22:49	Name: li_sugr Value: 3ad58622-aad1-41ce-9fdf-f1aea800f620
.linkedin.com/	1970-01-21 00:58:49	Name: bcookie Value: "v=2&eaad8754-6a96-4e02-8019-4ac5937e4a43"
.linkedin.com/	1970-01-20 16:14:40	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3059:u=1:x=1:i=1699993822:t=1700080222:v=2:sig=AQHbceCdDktSLtvwqKH1LZZPiIllHBfL"
www.clarity.ms/	1970-01-21 00:58:49	Name: CLID Value: cefd980bc9504cc99f2c470e5e29c542.20231114.20241113
www.huntress.com/	1970-01-21 00:58:49	Name: slirequested Value: true
www.huntress.com/	1970-01-21 00:58:49	Name: sliguid Value: c2932d8f-8cf4-4741-b6cd-bd0b1c3f89aa
.huntress.com/	1970-01-21 00:58:49	Name: _clck Value: 8zesyf\|2\|fgp\|0\|1413
.linkedin.com/	1970-01-20 16:56:25	Name: UserMatchHistory Value: AQLl2vYxhC8qmQAAAYvPhyQKYdbLb_7Z6HtiX-cMRgPBqjh4lymLh5KUWM_TvXH5m2zT0srR8b4aaQ
.linkedin.com/	1970-01-20 16:56:25	Name: AnalyticsSyncHistory Value: AQLFVwc8wbGA9AAAAYvPhyQKp5vI3IbLueM0Ju7UGzqjgm7YJGLgSEO4DPtdt5RbHdYCrdV-oO_9dtebRiUUPA
.6sc.co/	1970-01-21 01:49:13	Name: 6suuid Value: 87601302d95e0d00ded853652e010000cd380200
.a.usbrowserspeed.com/	1970-01-21 00:58:49	Name: tuid Value: 52249b1e-0f1c-4a99-bb86-05b9d32a0cd9
.bidagent.xad.com/	1970-01-20 16:56:25	Name: xad-uid Value: MTEyYTU0NjEtNzBhMS00ZWYzLWIyOGQtZDY3M2Q5ZTExZTdk
.www.linkedin.com/	1970-01-21 00:58:49	Name: bscookie Value: "v=1&2023111420302287d09eb5-178b-452b-813b-5cb11ea830d0AQEqqhrjzl8fHJ7SvyDrTAQO-M78iRw2"
.linkedin.com/	1970-01-20 20:32:25	Name: li_gc Value: MTswOzE2OTk5OTM4MjI7MjswMjFOESJxYkIiedSeveQHEoDEmBSht5gQIhulyeZfjy/qUA==
.huntress.com/	1970-01-20 16:14:40	Name: _clsk Value: 8frk5g\|1699993822824\|1\|1\|p.clarity.ms/collect
www.huntress.com/	1970-01-20 16:13:15	Name: drift_campaign_refresh Value: f7dc2dc4-c630-4e5a-86af-a542c49be878
.c.bing.com/	1970-01-20 16:23:18	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:34:49	Name: SRM_B Value: 3723CFCD2AA360E2040CDC042BA361A7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:34:49	Name: MUID Value: 3723CFCD2AA360E2040CDC042BA361A7
.c.clarity.ms/	1970-01-20 16:23:18	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:13:14	Name: ANONCHK Value: 0
www.huntress.com/	1970-01-21 01:49:13	Name: drift_aid Value: 38a9a601-8cdb-493b-a8b5-fd474accaa2a
www.huntress.com/	1970-01-21 01:49:13	Name: driftt_aid Value: 38a9a601-8cdb-493b-a8b5-fd474accaa2a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246 Message: Access to fetch at 'https://api-gw.metadata.io/traffic' from origin 'https://www.huntress.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
network	error	URL: https://api-gw.metadata.io/traffic Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3911692.fs1.hubspotusercontent-na1.net
a.quora.com
a.usbrowserspeed.com
alb.reddit.com
analytics.twitter.com
api-gw.metadata.io
app.hubspot.com
b.6sc.co
bat.bing.com
bidagent.xad.com
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.metadata.io
cdn2.hubspot.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
content.hotjar.io
customer.api.drift.com
dev.visualwebsiteoptimizer.com
event.api.drift.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
gist.github.com
github.githubassets.com
huntresscdn.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
lh7-us.googleusercontent.com
metrics.api.drift.com
p.clarity.ms
pagead2.googlesyndication.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
rc-widget-frame.js.driftt.com
region1.google-analytics.com
s7.addthis.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
syndication.twitter.com
t.co
tags.srv.stackadapt.com
track.hubspot.com
tracking.g2crowd.com
trk.techtarget.com
webhooks.fivetran.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.huntress.com
www.linkedin.com
www.redditstatic.com
api-gw.metadata.io
104.244.42.197
104.244.42.67
104.244.42.8
13.107.42.14
13.249.9.6
13.32.27.107
140.82.121.4
146.75.116.157
162.159.152.17
18.245.86.87
185.199.110.154
185.89.211.116
2.17.190.170
2.19.96.139
20.122.63.128
2001:4860:4802:32::36
2600:9000:223c:dc00:9:d7d4:1380:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67e4
2606:4700:20::ac43:44da
2606:4700:4400::6812:22e5
2606:4700:4400::6812:24c4
2606:4700:4400::6812:297c
2606:4700:4400::6812:2b1f
2606:4700::6810:4cba
2606:4700::6810:5814
2606:4700::6810:6cd1
2606:4700::6810:890f
2606:4700::6811:190e
2606:4700::6811:4341
2606:4700::6811:589a
2606:4700::6811:cff9
2606:4700::6811:e4a3
2606:4700::6812:4ffd
2606:4700::6812:7e0c
2606:4700::6812:a07d
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200e
2a02:26f0:3500:16::215:1484
2a02:26f0:7100::5f64:87f1
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:600::396
2a04:4e42:600::649
34.111.208.231
34.159.227.151
34.211.31.243
34.96.102.137
50.16.7.188
52.222.139.19
52.44.31.83
52.57.212.193
54.164.23.4
54.173.34.214
54.185.118.145
68.219.88.97
99.81.165.243
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0591af742c10a8ad2020502cccbf97cb4fc1cfc48acaf588043d70e77b2c3aaf
06215d60d7c5989920af1f768a47a0c2670028d4db6d8f89ae008ca67834a2de
088cc4fbc0cfa8ee91482ef7002d65bd9c54adb9f37115fe07cdc0e7017cb85f
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
0f95243b84215f5c6187452bccc0df8e5442db6d0150855df3c9c355796da6a8
10b977a814bd9ca3e018a07b6e1197c9a9fa89a27a2419158d22f41ab8a29508
11bcaa66e2e5486338bbf15bc2af4136962618bd84574c350c82c501d64f6868
14c59924cdca7796d9578872e6933998297b41cb0a2951ccaf7de4bd7cf921ff
14e6206b0b854f8eb373b1ccfbac42efdb97e1034de1355abb4ee81aa0672ec2
15736c00b563c558ec1e7d531c0d8bd7d8cc24c2026adbc2dcf0ccd3e48f7d65
1650436b42349eba90400162f9104f8abd0e8b846cf91d26c907c300dd8d7f85
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
19680a27e88da4a3713af26571b4849096e75d617f2845574af7fd15746256bb
1ce5bbfddabe83a619dffbd897ac79e94ca961f04cf463583a421a22f5329938
1d4706944ce49f0dcf4b8f2cf1274d08d0b3ca8f80e8614848cf5e532fa9737f
1db6b123f97b64be2a35c607c2d290818cea4f045f157b7499d1e57797b52f66
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
21e7a767b80a102e4313f26e3a65b273a07dcecacd30046f036438de7ce72280
24846a3f194b09919bf75cec2a1d012653257442cea9342c648d618c8bddd844
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2c1ff2614ad6ef0cdfc4cd30fd8df4de7a45d08d2df574eeedf9babaaead1dda
2ca98db1980e1eaf334bc10634bcf531a5add9e38554c12b25f229abaeb9ebca
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee773ef677420cdeb136e974fcef8ed7c10c1302fff8a9846acd53434cacb8b
2fd0bc347d537ea52903855bf14ec686411b09ea67e4208244a0f58525b09a85
302c2b5e54b9109c31e6f885dcfa028a37b17f5e1e714a093253157eb0e0f9d3
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3367498692c5f6cdc662369af915c0c2f13b7f6af9e67a522d2e7fc1b3299364
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa
35504f9cfa8ba1cba652feb2648a4347a3ff4a987d1280eb1013713e9762c23c
3a914acec1a263a5f50f8c5949d023db05d9c166f7bc808b8bef4be615eea405
3b5765cdf7d4f072406ef5bfeecee9b32bff67188fd51806fdb3e33dd947d083
3c33fb84cf824df6ac4de845b71ddd634fd80926ae2d186e5f8635523b28a5a1
3d26c2a43f6563ef5cd6437af5fdaa0ac158ff8e191b050db6fd6de3d1dc2e3a
3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4a6b23f2e9104338fbd23f2dbeed9d66d1e6ce39ff19c62b3df45a8fb1785105
4d2333d57eeb727c27f914f74e0f1d1d2b2399dc5f2e55ebf98ee14fa3e7bb55
523e87cbc120ee7fe9482da321509a57b43bc2bf823fa19d13e46890f2d6d27a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552e73996adba6a0248783405d3f9abd1240fa31f8545721e88211cd19095525
558979f57321b92691fa5d479ae380773ae5d9dffd5f8bcaddc4525ea361f0a9
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
59b65916f39dc21dcd5a126cd162a70137330b959608402fb1ef6617074de7f7
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c276a81659091e3514c366f7a2c18921f76e093d3126a258b70903edbf62994
5d247e1c2efc38a727967b2f5f9e99b961d0cbe2b0aa1ddcf170bd6933409403
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e1b2d28b60fff2c5cf98de1c9082642d1be2f05a3987930289d399da461e84a
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e4e01da0230734413d39e4657ac95b4ccf45092ff61a162aa1f4d111a166735
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
6a6a06c6f8fb209f9e92af2bb5ed0c0d0e767211a1a92e631e1d0ce056488387
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4548bb7a59c4905c6e0e11b9f3990fdc62f0b74d6bbcf719c9199726efd806
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7573e5629fdd86c1b9715e81fd55e01c7cf7febbfc3562f5acbb757c0d4cce64
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
76fd789d1fbd44d6fa868e243392c98cf8c0f0221351dedf713ef495741708e9
794dc30b5582c5b0c4a06c2e0776f6527a84c91d5f7abb9384e7588d0ab3a910
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79bb1b80606f5282fa20cea179f7c7f619eb1848b1d550a9e13857477cd1c38e
82ba33778a6595a59baef6e6964c64d7c3e9888c2bbf74461f1948b295db28e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860c659e8836feb6a6b4fc4c9b7195e4ab0a04e4642473c0780ae554fbf6ffb2
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8a633d29b4c207c21cedc873a2db9911520bf57a7f27df62f2e6adf32618aeff
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
9376df9b8822a7f057796704e3cb466577faa32f94b2460a2429944cc16c9489
93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a459bd903a6bdc9e0bcebb6fa8bfc9e348d59dd41d1c98c286099cec55d2ee72
a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20
a7a9292edd72228ac6b7839b6e29a832ab45515a5c78d548ccd5fd8a2b1942ff
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf047e2aa7537c8c92dc8482eb7860b935d9d67aff36278de31dc2e44829236
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b14ef302cddac1c80c684cff402818a99baa0ddb49cc72ae59b93059a7c2b129
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
b4a82caa0fc65be097055243fca3a88abfcb2917b53f5819a847aa484296be53
b7f21373bc1ae7fed6cb759c0b776ee0a0adcd30797376ab98687884545e52fc
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b990552df973348baaa61af6a11d527c465edb14339f38e25d112b2a1a72ab0e
ba3035c1cbfbd4ebb878f85acde3d846c6e9e90081de78ddcaf3126b4e8823b0
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c52ffb59a6bf4ac549ed6da4dbe39a7661ff82147942ff109c2e72ae676b787c
ca12748cbcc37ab8e6a34372ac9b9d4ac0a72c486b63db612dc3a3fc608e8d88
ca38f2df2a3be653605830a05931aeac85fbd1c3fa2e483a334fdc25e3463503
cf32a0cb38105c879a1aabd4aab6dca757e62acca5f439652d49f19b557950e1
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf8edbedfd479fe7cc642e3a1db515dd1103f2d7864f0db5cae6144fbde44ea4
d04196ec92f307c66ad56e3adbd4536e6c504a251299183c2c016de66a65af39
d5a421dbd597a94360622aa975ff3c27809a08e5ddaada7832a692c3b51c5eeb
d674a115404e8d29a650437584421bd9d7ec57c4d43fe3e0a09adc080d521c44
d95e6ed219886193a6aa28fc592d342e9a1bae9688be2cd41fc7eafcb1fd3737
d9cdf9b8cd47c0a17356ff68e2581021800a4c86dd8d71aaf0ad5cfe025b114e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e12404ccb0492da0a89fbda8db0ddb3c2358fcbd6d29b0c106ba840ca5f5e8ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5149bac0cdad7bbd9d1b7badb88909929d324ee90b6dd1628e0c59024d68e7c
e523f47c65c171a685ca8f1bb0c0c432f4d71104fa56e8f6163126ec908cc430
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e5fae83c7b1bc318026072592130f5d8ac977970ad81b79218dd442235a59b6e
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
e95b63df5dfdf0e0b0357145cdcab82f66f47a5b7362d7cc9ca3742bfbd580fd
ea3e0483991ab0655a286b9cd8f0669182bfde3aa16570f7191e34e33103f522
eb6ce397310855bbef74043afcdda989653ad7b7b385191e8c8d622eee74b367
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277f68dfdfd292d90cb8024420897e6915ab570803af77f6e2118dea071a7c7
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4d1dc5e2bebcc6c035e733b5586f308c032e377d490d733835fbc1fb0e5d979
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f993caa001338e6d090d683e4aca79a0e6c0d770fa3840aafaf09f426397d8fa
facf8de270be69de3d2a6fc877d6bbf24baacdeb6f8c5b39a4ac4853bcc096bb
fc3fb35c5c8d7c9ad56b8e4d7ea271b64507e1e56a96337706276fd2e01930cd
fc573eaf0e39d6b2429951f78b744dde5acb4cbee85a9b903aea0210072d9b48
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fd77c41d41a299d224e36572ee84e734bb53f2c56b3babe78619ec413d56d68a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.huntress.com Open in urlscan Pro 2606:2c40::c73c:67e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

181 Requests

98 %HTTPS

57 %IPv6

50 Domains

74 Subdomains

65 IPs

4 Countries

2909 kBTransfer

7724 kBSize

66 Cookies

31 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.huntress.com Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

98 %
HTTPS

57 %
IPv6

50
Domains

74
Subdomains

65
IPs

4
Countries

2909 kB
Transfer

7724 kB
Size

66
Cookies

181 HTTP transactions
0 data transactions