www.conducttr.com Open in urlscan Pro
2606:4700:20::681a:c47  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185530&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&time=1597397887981 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D185530%26url%3Dhttps%253A%252F%252Fwww.conducttr.com%252Fdemo-team-exercise-cyber-attack%252F%26time%3D1597397887981%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185530&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&time=1597397887981&liSync=true

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.conducttr.com/demo-team-exercise-cyber-attack/	15 KB 4 KB	1758ms 1693ms	Document text/html	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18cb2ee79222c470ec2a2d7e2c980947d08fe9a22aa79a1504a4b7a12498bf6b Request headers :method GET :authority www.conducttr.com :scheme https :path /demo-team-exercise-cyber-attack/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 14 Aug 2020 09:38:07 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d659075d28d73eb91041dbbaff5a427f01597397885; expires=Sun, 13-Sep-20 09:38:05 GMT; path=/; domain=.conducttr.com; HttpOnly; SameSite=Lax; Secure wordpress_google_apps_login=8e4130f43fcf4d7ca8a93dacc4ee7c54; path=/; secure vary Accept-Encoding link <https://www.conducttr.com/wp-json/>; rel="https://api.w.org/" <https://www.conducttr.com/?p=26562>; rel=shortlink cf-cache-status DYNAMIC cf-request-id 048dee7afa0000979c2ba5c200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5c29b3719be5979c-FRA content-encoding br
GET H2	200	style.css www.conducttr.com/css/	82 KB 14 KB	508ms 506ms	Stylesheet text/css	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/css/style.css?v=20200312160657 Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9489e9e825852f9169b383bfd754d241d06b0e3b76eabcab5b671389613ff444 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br cf-cache-status MISS last-modified Thu, 12 Mar 2020 16:06:57 GMT server cloudflare etag W/"f7694b4188f8d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5c29b37c2c6c979c-FRA cf-request-id 048dee81970000979c2bab8200000001
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.1/	92 KB 33 KB	8ms 5ms	Script text/javascript	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 11 Aug 2020 23:48:45 GMT content-encoding gzip x-content-type-options nosniff age 208162 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33333 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Aug 2021 23:48:45 GMT
GET H2	200	jquery.superfish.js Show response www.conducttr.com/js/plugins/	4 KB 1 KB	410ms 408ms	Script application/javascript	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/js/plugins/jquery.superfish.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e23d7576227d4dbadb209880d5ada34cdfec9a26185886b67b778bcd293d637a Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag W/"eb36391470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5c29b37c2c6e979c-FRA cf-request-id 048dee81980000979c2bab9200000001
GET H2	200	jquery.slimmenu.js Show response www.conducttr.com/js/plugins/	5 KB 1 KB	451ms 449ms	Script application/javascript	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/js/plugins/jquery.slimmenu.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b396d5fae63d903b39e019370356b1baa43d0c51e443e7d2aaf99bde1878344 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag W/"93d4361470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5c29b37c2c70979c-FRA cf-request-id 048dee81980000979c2baba200000001
GET H2	200	jquery.custom-scrollbar.js Show response www.conducttr.com/js/plugins/	25 KB 4 KB	439ms 437ms	Script application/javascript	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/js/plugins/jquery.custom-scrollbar.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c61ad4a1f2fe0922f953adc858f9fa265708b13aaf1b46bb5eeafaeb5a3cd96 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag W/"d6f321470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5c29b37c2c71979c-FRA cf-request-id 048dee81980000979c2babb200000001
GET H2	200	general.js Show response www.conducttr.com/js/	2 KB 957 B	379ms 377ms	Script application/javascript	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/js/general.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dffd9a9f68686c8ed4abc23e7cccbe39039023828880b0a1ab8b5e45954877ec Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag W/"3e993b1470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5c29b37c2c72979c-FRA cf-request-id 048dee81980000979c2babc200000001
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/	29 KB 11 KB	33ms 32ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f130.1e100.net Software cafe / Resource Hash 81c78e5743eed227d290efa2825e66de15b24d29854e5f6c6b147903ceff8dfc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 11440 x-xss-protection 0 server cafe etag 13634851805435395075 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 14 Aug 2020 09:38:07 GMT
GET H2	200	iubenda_cs.js Show response cdn.iubenda.com/cookie_solution/safemode/	237 B 477 B	126ms 42ms	Script application/javascript	104.103.76.96 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.76.96 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-96.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding gzip last-modified Fri, 14 Aug 2020 08:27:00 GMT server nginx/1.15.8 etag "5f364ad4-c8" vary Accept-Encoding p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" status 200 cache-control public, must-revalidate, proxy-revalidate, max-age=10800 content-type application/javascript content-length 200 expires Fri, 14 Aug 2020 12:38:07 GMT
GET H/1.1	200 OK	loader.js Show response cdn.pubble.io/javascript/	31 KB 9 KB	149ms 21ms	Script application/x-javascript	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubble.io/javascript/loader.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 89f169082f521a88a435550e0d3371ef4b757a1fd84276aa085568bf0776d59c Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 07 Aug 2020 07:25:32 GMT Content-Encoding gzip Connection keep-alive Last-Modified Mon, 11 May 2020 10:23:37 GMT Server AmazonS3 Age 612757 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Cache-Control max-age=2592000 Transfer-Encoding chunked X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id 5GxpxgPYW19WrIgQO52nhgn2pmBNWkAq0hvcdAYZ9Hj3QyrC0DUSsQ==
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jun 2020 23:38:14 GMT server Golfe2 age 1347 date Fri, 14 Aug 2020 09:15:40 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18469 expires Fri, 14 Aug 2020 11:15:40 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	79 KB 30 KB	35ms 34ms	Script application/javascript	2a00:1450:4001:815::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K8Z2K7K Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 598ed380c3d018ceb498a9768fa94dea47f61ca8bf5748425a91c8fff749c9fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30818 x-xss-protection 0 last-modified Fri, 14 Aug 2020 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 14 Aug 2020 09:38:07 GMT
GET H2	200	hotjar-1046867.js Show response static.hotjar.com/c/	13 KB 4 KB	73ms 39ms	Script application/javascript	147.75.102.197 PACKET
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1046867.js?sv=6 Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress11 Software / Resource Hash b61639f80fe6cd83f0242ed1fa6ea963c76b40ff17b7834ba8f4a9a169477f30 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding br x-content-type-options nosniff section-io-tag hotjarjs age 0 status 200 section-io-cache Miss vary Accept-Encoding cache-control max-age=60 etag W/a1f15f70ce1473f96928de5ba93eef8a access-control-max-age 600 section-io-origin-status 200 access-control-allow-origin * x-cache-hit 1 section-io-origin-time-seconds 0.021 section-io-id f19cd0d90443157066411c8cef4f79ee accept-ranges bytes content-type application/javascript section-origin-responded true
GET H2	200	OZfgET63Jlw www.youtube.com/embed/ Frame 5D26	0 0	172ms 150ms	Document text/html	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/OZfgET63Jlw Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/OZfgET63Jlw pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Response headers status 200 content-encoding br x-content-type-options nosniff content-length 10712 content-type text/html; charset=utf-8 expires Tue, 27 Apr 1971 19:44:06 GMT cache-control no-cache strict-transport-security max-age=31536000 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." date Fri, 14 Aug 2020 09:38:08 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=WKOZz-NHqkU; path=/; domain=.youtube.com; secure; expires=Wed, 10-Feb-2021 09:38:07 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 14-Aug-2020 10:08:07 GMT YSC=3tRaeoxj9wU; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=WKOZz-NHqkU; path=/; domain=.youtube.com; secure; expires=Wed, 10-Feb-2021 09:38:07 GMT; httponly; samesite=None alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	cyber_demo_registration teamxp.cm.cr/widget/demo/ Frame 3E11	0 0	608ms 235ms	Document text/html	52.4.232.68 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://teamxp.cm.cr/widget/demo/cyber_demo_registration Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.4.232.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-232-68.compute-1.amazonaws.com Software / Resource Hash Request headers Host teamxp.cm.cr Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Response headers Content-Type text/html; charset=UTF-8 Content-Encoding gzip Vary Accept-Encoding Server Date Fri, 14 Aug 2020 09:37:47 GMT Content-Length 11864
GET H/1.1	200 OK	newsletter teamxp.cm.cr/ Frame EE10	0 0	517ms 146ms	Document text/html	52.4.232.68 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://teamxp.cm.cr/newsletter Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.4.232.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-232-68.compute-1.amazonaws.com Software / Resource Hash Request headers Host teamxp.cm.cr Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Response headers Content-Type text/html; charset=UTF-8 Content-Encoding gzip Vary Accept-Encoding Server Date Fri, 14 Aug 2020 09:37:47 GMT Content-Length 2210
GET H2	200	ico-social.png www.conducttr.com/images/	1 KB 2 KB	456ms 452ms	Image image/png	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.conducttr.com/images/ico-social.png Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38a03e6127d891fbfa6e2f9c3f86afcb644ae0ba26b4c7b0778cf5c6cefe3d64 Request headers Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT cf-cache-status MISS last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag "8994791470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5c29b37f6f6a979c-FRA content-length 1489 cf-request-id 048dee83a30000979c2bad1200000001
GET H2	200	logo.png www.conducttr.com/images/	3 KB 3 KB	404ms 400ms	Image image/png	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.conducttr.com/images/logo.png Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5545528c35081597cf7238c86a996c4cbfe7c8c45d61607498353e81842b72d0 Request headers Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag "8994791470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5c29b37f6f6d979c-FRA content-length 3415 cf-request-id 048dee83a40000979c2bad4200000001
GET H2	200	ico-social-footer.png www.conducttr.com/images/	2 KB 2 KB	377ms 374ms	Image image/png	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.conducttr.com/images/ico-social-footer.png Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2be5f668e89fdb4205257f4ace81ae0e9c731e84c39c302a0a872eb617cdf67b Request headers Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT cf-cache-status MISS last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag "8994791470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5c29b37f6f72979c-FRA content-length 2105 cf-request-id 048dee83a40000979c2bad7200000001
GET H2	200	proximanova-bold-webfont.woff www.conducttr.com/fonts/	24 KB 24 KB	391ms 388ms	Font font/x-woff	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/fonts/proximanova-bold-webfont.woff Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www.conducttr.com Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag W/"536bb01470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/x-woff status 200 cache-control max-age=14400 cf-ray 5c29b37f6f6b979c-FRA cf-request-id 048dee83a40000979c2bad2200000001
GET H2	200	proximanova-semibold-webfont.woff www.conducttr.com/fonts/	24 KB 24 KB	667ms 665ms	Font font/x-woff	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/fonts/proximanova-semibold-webfont.woff Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www.conducttr.com Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT content-encoding br cf-cache-status MISS last-modified Fri, 09 Feb 2018 06:34:48 GMT server cloudflare etag W/"baf4b91470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/x-woff status 200 cache-control max-age=14400 cf-ray 5c29b37f6f6f979c-FRA cf-request-id 048dee83a40000979c2bad5200000001
GET H2	200	proximanova-regular-webfont.woff www.conducttr.com/fonts/	26 KB 26 KB	375ms 372ms	Font font/x-woff	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conducttr.com/fonts/proximanova-regular-webfont.woff Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://www.conducttr.com Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 09 Feb 2018 06:34:47 GMT server cloudflare etag W/"6092b71470a1d31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/x-woff status 200 cache-control max-age=14400 cf-ray 5c29b37f6f70979c-FRA cf-request-id 048dee83a40000979c2bad6200000001
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/952912349/	2 KB 1 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952912349/?random=1597397887933&cv=9&fst=1597397887933&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&tiba=(DEMO)%20Team%20exercise%20-%20Cyber-attack%20online%20sim%20%E2%80%A2%20Conducttr&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e12b16cb07d97e59b4ef3a0fab76f6a5cb72009784886326af8d67b9cb078a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 14 Aug 2020 09:38:07 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1035 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	track.js Show response serve.albacross.com/	64 KB 19 KB	113ms 25ms	Script application/javascript	13.226.155.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serve.albacross.com/track.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.111 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-111.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash b7a12ed6cb5012d970eab1bd99f316a9077e4a1b3085ace81c19153839e6c076 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:10:47 GMT Content-Encoding gzip Last-Modified Wed, 23 Oct 2019 09:31:23 GMT Server AmazonS3 Age 1642 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id 13iSxaFa-AL7pDrI1lmQrqAa3gOBwiCEZfE5AIlubtacDexyPzH08Q==
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	3 KB 2 KB	22ms 7ms	Script application/x-javascript	2a02:26f0:f1:29d::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f1:29d::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:38:07 GMT Content-Encoding gzip Last-Modified Mon, 07 Oct 2019 16:41:31 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=55078 Connection keep-alive Accept-Ranges bytes Content-Length 1576
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	134 KB 34 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 34269 x-xss-protection 0 pragma public x-fb-debug 6yk+u2a4Qd/elMLRtNPRe2cr/CuFF20eVZXBZThCPYZxnZTyhtPcawWYaMgUuUW/KeC8wCNgEl19FnsNYhqjDA== x-fb-trip-id 664085054 x-frame-options DENY date Fri, 14 Aug 2020 09:38:07 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/2+Q/46	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1000 B	6ms 6ms	Script text/javascript	2a00:1450:4001:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol HTTP/2+QUIC/46 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:30:36 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 451 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=3600 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 expires Fri, 14 Aug 2020 10:30:36 GMT
GET H2	200	core-fcf8c9eac36aece9d290934b54a63296.js Show response cdn.iubenda.com/cookie_solution/iubenda_cs/	97 KB 32 KB	42ms 42ms	Script application/javascript	104.103.76.96 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.76.96 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-96.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:07 GMT content-encoding gzip last-modified Thu, 13 Aug 2020 09:45:47 GMT server nginx/1.15.8 etag "5f350bcb-7dbd" vary Accept-Encoding p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" status 200 cache-control public, must-revalidate, proxy-revalidate, max-age=31536000 content-type application/javascript content-length 32189 expires Sat, 14 Aug 2021 09:38:07 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/952912349/	42 B 107 B	30ms 29ms	Image image/gif	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/952912349/?random=1597397887933&cv=9&fst=1597395600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&tiba=(DEMO)%20Team%20exercise%20-%20Cyber-attack%20online%20sim%20%E2%80%A2%20Conducttr&fmt=3&is_vtc=1&random=3764556856&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 14 Aug 2020 09:38:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/952912349/	42 B 107 B	22ms 21ms	Image image/gif	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/952912349/?random=1597397887933&cv=9&fst=1597395600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&tiba=(DEMO)%20Team%20exercise%20-%20Cyber-attack%20online%20sim%20%E2%80%A2%20Conducttr&fmt=3&is_vtc=1&random=3764556856&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 14 Aug 2020 09:38:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/2+Q/46	200	collect www.google-analytics.com/	35 B 109 B	6ms 6ms	Image image/gif	2a00:1450:4001:816::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j83&a=821871955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&ul=en-us&de=UTF-8&dt=(DEMO)%20Team%20exercise%20-%20Cyber-attack%20online%20sim%20%E2%80%A2%20Conducttr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAj~&jid=1268027696&gjid=786670211&cid=658821997.1597397888&tid=UA-17944664-2&_gid=1048150092.1597397888&z=2092040544 Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/2+QUIC/46 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 12 Aug 2020 07:11:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 181614 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect stats.g.doubleclick.net/r/	35 B 133 B	18ms 18ms	Image image/gif	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-17944664-2&cid=658821997.1597397888&jid=1268027696&gjid=786670211&_gid=1048150092.1597397888&_u=KGBAgAAj~&z=1321344599 Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 14 Aug 2020 09:38:07 GMT status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	262993237434663 Show response connect.facebook.net/signals/config/	524 KB 133 KB	67ms 67ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/262993237434663?v=2.9.23&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fea3e81eb022fabc7c91f77181bb619bb5b410a273e687bc8f7e64d1133cd47a Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug hCucXGIOWwfBuikNIUlLhxw1p422aENSQiyTS2vTR9k7wj02nukhXutAbre2zGLtAbrbtcMpj46KNbA3KB4o9Q== x-fb-trip-id 664085054 x-frame-options DENY date Fri, 14 Aug 2020 09:38:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185530&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&time=1597397887981 https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D185530%26url%3Dhttps%253A%252F%252Fwww.conducttr.com%252Fdemo-team-exercise-cyber... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185530&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&time=1597397887981&liSync=true	0 58 B	167ms 167ms	Image application/javascript	2a05:f500:11:101::b93f:9005 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185530&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&time=1597397887981&liSync=true Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 status 200 x-li-proto http/2 x-li-pop prod-tln1 content-type application/javascript content-length 0 x-li-uuid 46USh+oYKxYwtYmywSoAAA== Redirect headers content-security-policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l x-content-type-options nosniff linkedin-action 1 status 302 content-length 0 x-li-uuid lmOtgOoYKxbgfyPQRysAAA== pragma no-cache x-li-pop afd-prod-lor1 x-msedge-ref Ref A: 95AFC0EEE2634894947A366DC732AA61 Ref B: FRAEDGE0818 Ref C: 2020-08-14T09:38:08Z x-frame-options sameorigin date Fri, 14 Aug 2020 09:38:07 GMT expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" strict-transport-security max-age=2592000 x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185530&url=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&time=1597397887981&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	modules.0eea85e88cfdd19ba133.js Show response script.hotjar.com/	357 KB 70 KB	55ms 21ms	Script application/javascript	147.75.32.125 PACKET
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.0eea85e88cfdd19ba133.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1046867.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress4 Software / Resource Hash e20a348044ae9de2d42230cc3ac0dac5643f031a34c49938e532720b5099d942 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT content-encoding br age 4602 status 200 section-io-cache Hit content-length 71092 last-modified Fri, 14 Aug 2020 08:18:08 GMT etag "8fb14d16d2a52b8259c3215933f9e130" vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=31536000 section-io-origin-time-seconds 0.029 section-io-id b2df197698a57f6417b0450d0246fa88 accept-ranges bytes content-type application/javascript section-origin-responded true
GET H2	200	53431760.js Show response www.iubenda.com/cookie-solution/confs/js/	86 B 450 B	94ms 92ms	Script application/javascript	104.103.76.96 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.iubenda.com/cookie-solution/confs/js/53431760.js Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.76.96 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-96.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 6cacd21e4e079f6ff6d0da2758869a4b5a982b1dadd1b752b5f21368aefaac37 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT access-control-request-method * status 200 content-encoding gzip content-length 84 last-modified Tue, 16 Jun 2020 15:59:52 GMT server nginx etag "5ee8ec78-56" vary Accept-Encoding access-control-allow-methods POST, PUT, DELETE, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=86400 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization expires Sat, 15 Aug 2020 09:38:08 GMT
GET H2	200	box-469cf41adb11dc78be68c1ae7f9457a4.html vars.hotjar.com/ Frame B609	0 0	49ms 15ms	Document text/html	147.75.33.131 PACKET
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1046867.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress9 Software / Resource Hash Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-469cf41adb11dc78be68c1ae7f9457a4.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Response headers status 200 date Fri, 14 Aug 2020 09:38:08 GMT content-type text/html content-length 851 last-modified Thu, 13 Aug 2020 13:57:17 GMT etag "d594f1d4c3e5dbd6b556c60d34e0daea" cache-control max-age=31536000 content-encoding br section-io-origin-status 200 section-io-origin-time-seconds 0.060 section-origin-responded true age 13462 vary Accept-Encoding section-io-cache Hit accept-ranges bytes section-io-id 08ab600e8e075f66fcb226b00e20bea6
GET H2	200	init.htm Show response www.pubble.io/api/	7 KB 3 KB	289ms 197ms	Script application/json	52.213.237.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.pubble.io/api/init.htm?v=1597397888047&appID=49396&identifier=49396&layout=embed&callback=pubbleLoader.initLoader&url=https%3A//www.conducttr.com/demo-team-exercise-cyber-attack/ Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/javascript/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-237-91.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash 4671f36acbf25e540d85cdb7050aeb6f7d393dcb14d9860bdb51232443cc38fa Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains X-Xss-Protection 1; mode=block Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT content-encoding gzip server Apache vary Accept-Encoding content-type application/json;charset=UTF-8 status 200 cache-control no-cache strict-transport-security max-age=31536000 ; includeSubDomains content-length 2341 x-xss-protection 1; mode=block
GET H2	200	/ www.facebook.com/tr/	44 B 259 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=262993237434663&ev=PageView&dl=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&rl=&if=false&ts=1597397888151&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597397888150.1309808445&it=1597397887978&coo=false&rqm=GET Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Fri, 14 Aug 2020 09:38:08 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1046867/	178 B 320 B	106ms 41ms	XHR application/json	52.49.171.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1046867/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0eea85e88cfdd19ba133.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.171.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-171-198.eu-west-1.compute.amazonaws.com Software / Resource Hash 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Fri, 14 Aug 2020 09:38:08 GMT content-encoding br status 200 vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 access-control-allow-credentials true
POST H2	204	1046867 Show response vc.hotjar.io/sessions/	0 115 B	72ms 37ms	XHR text/plain	147.75.32.125 PACKET
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/1046867?s=0.25 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0eea85e88cfdd19ba133.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress4 Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers status 204 date Fri, 14 Aug 2020 09:38:08 GMT access-control-allow-origin * section-io-id 0a8c10b1536e44dc4c054e05d6a3002d section-origin-responded true
GET H/1.1	200 OK	e.gif collect.albacross.com/	37 B 184 B	132ms 32ms	Image image/gif	52.211.148.7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597397888062&e1=pageview&ur1=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&ti1=(DEMO)%20Team%20exercise%20-%20Cyber-attack%20online%20sim%20%E2%80%A2%20Conducttr&re1=1600&re1=1200&p1=f612d934-582e-2b06-78ca-fd25cac1ea5c&c1=89832634&ci1=26a35337-e2aa-1002-a7d3-4c8b645060f4&v1=b1e9f94c-25d8-13da-72a6-74c0af6055e2&u1=f612d934-582e-2b06-78ca-fd25cac1ea5c&e2=fingerprint&fi2=5404145d11ea4210b857aa82e3eb3515&ti2=48&p2=f612d934-582e-2b06-78ca-fd25cac1ea5c&c2=89832634&ci2=26a35337-e2aa-1002-a7d3-4c8b645060f4&v2=b1e9f94c-25d8-13da-72a6-74c0af6055e2&u2=d4987469-d28c-d661-7424-dcb0a053626e Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.148.7 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-148-7.eu-west-1.compute.amazonaws.com Software nginx/1.12.1 / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:38:08 GMT Server nginx/1.12.1 Connection keep-alive Content-Length 37 Content-Type image/gif
GET H/1.1	200 OK	normalize.css cdn.pubble.io/resources/livechat/css/	7 KB 2 KB	23ms 22ms	Stylesheet text/css	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubble.io/resources/livechat/css/normalize.css Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/javascript/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash a01975b19558c0100f8dffdc033e25b22859130bf75396657d01ce64d4178736 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 13 Aug 2020 13:16:52 GMT Content-Encoding gzip Last-Modified Mon, 03 Feb 2020 20:20:14 GMT Server AmazonS3 Age 73277 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id ihy6fZR0C925ZsD8ToJKSjvrDHjQgQPhoCAE8r7LvyiPK8TWR5Q3yg==
GET H/1.1	200 OK	pubble-sb.css cdn.pubble.io/resources/livechat-sidebar/css/	23 KB 4 KB	45ms 21ms	Stylesheet text/css	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubble.io/resources/livechat-sidebar/css/pubble-sb.css Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/javascript/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 2d1864827513538b3566d2d52ea220795952131e36d232085a6c5f840a6d0420 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 06:54:25 GMT Content-Encoding gzip Last-Modified Mon, 03 Feb 2020 20:20:17 GMT Server AmazonS3 Age 9824 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id 4HbnMkKCRJq3qzl9w37RrMy3yVVUDbhc3DHdK12L4lAQi74r80bywg==
GET H2	200	pusher.min.js Show response js.pusher.com/2.2/	47 KB 13 KB	87ms 24ms	Script application/javascript	13.226.154.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.pusher.com/2.2/pusher.min.js Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/javascript/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.154.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-154-82.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 4580e68d9f35a3ad5e8e64799138cbdfe9053c4262f7ee68e20765fd9e829099 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 05 Aug 2020 00:39:47 GMT content-encoding gzip last-modified Tue, 06 Nov 2018 11:41:00 GMT server AmazonS3 age 809902 status 200 vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 x-cache Hit from cloudfront x-amz-cf-pop DUS51-C1 x-amz-cf-id yaaQW6-Hb99Z5jfvPRmBKopOG_pk6jwAvT-1gKBiTcsgvMRPP65hWA== via 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
GET H/1.1	200 OK	livechat_v215a.js Show response cdn.pubble.io/livechat/javascript/	507 KB 133 KB	23ms 23ms	Script application/x-javascript	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubble.io/livechat/javascript/livechat_v215a.js Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/javascript/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash fff8ba8a4214a5a57994a1a14e911e791e561e9f7f9f2ec730d5568f13576000 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:37:26 GMT Content-Encoding gzip Last-Modified Mon, 10 Aug 2020 09:27:40 GMT Server AmazonS3 Age 43 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id XHmXOBzbiOTTBy-1GQ6hqLMvTZ4gCXkc8_u_-YUmVtn9kY8syhTXbQ==
GET H2	200	mixpanel-2-latest.min.js Show response cdn.mxpnl.com/libs/	79 KB 27 KB	21ms 6ms	Script text/javascript	2600:1901:0:bc29:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/livechat/javascript/livechat_v215a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash ad2e9d818a624183e056f9a6aae4d99852ab74d5cd9d43e0ca243ecbe7762ece Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:35:03 GMT content-encoding gzip age 185 x-guploader-uploadid AAANsUlVvIDd51A0I1ihDa0LDemdcK3oO9Ue9yerwPmtcT7cNZ3r2I-qpW8Zu-oq4nId3-Li21Ua6n_WCbilIY9wYPA x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc clear content-length 26889 last-modified Fri, 12 Jun 2020 22:29:38 GMT server UploadServer etag "5a8b0c73e7b7380b715a6857a7b375d1" vary Accept-Encoding x-goog-hash crc32c=1R8HAg==, md5=WosMc+e3OAtxWmhXp7N10Q== content-language en access-control-allow-origin * x-goog-generation 1592000978467495 cache-control public,max-age=600 x-goog-stored-content-length 26889 accept-ranges bytes content-type text/javascript expires Fri, 14 Aug 2020 09:45:03 GMT
GET H/1.1	200 OK	pubble-cw.css cdn.pubble.io/resources/livechat/css/	135 KB 20 KB	23ms 21ms	Stylesheet text/css	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubble.io/resources/livechat/css/pubble-cw.css Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/javascript/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash febff62200569453f87cbf880362ea28942b74f88035fd66cb056e8f6026ef6c Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 08:08:16 GMT Content-Encoding gzip Last-Modified Mon, 10 Aug 2020 07:54:04 GMT Server AmazonS3 Age 5393 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Connection keep-alive Transfer-Encoding chunked X-Amz-Cf-Pop DUS51-C1 X-Amz-Cf-Id Gj45RnSB-0tTdmk1dffeNl9Oz1-xLUDkoXnSKbwBxc87LRZP38iekw==
GET H/1.1	200 OK	/ Show response media.pubble.io/ipsq/	213 B 605 B	107ms 33ms	Script text/plain	52.49.255.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://media.pubble.io/ipsq/?callback=jQuery190048432087384004285_1597397888505&contentType=JSONP Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/livechat/javascript/livechat_v215a.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.255.156 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-255-156.eu-west-1.compute.amazonaws.com Software nginx / Express Resource Hash c37f68fe8eddc3e4b698d3da0ce23fd7d6381ab892c3e0eaac53afb82b71889b Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Aug 2020 09:38:08 GMT Server nginx X-Powered-By Express Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST Access-Control-Allow-Origin * Cache-Control public, max-age=31557600, private, max-age=0, no-cache, no-store Connection keep-alive Access-Control-Allow-Headers X-Requested-With
GET H/1.1	206 Partial Content	beep.mp3 cdn.pubble.io/pubblebot/	71 KB 0	23ms 22ms	Media audio/mpeg	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubble.io/pubblebot/beep.mp3 Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers Date Thu, 13 Aug 2020 11:10:46 GMT Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Last-Modified Mon, 15 Jun 2020 11:47:33 GMT Server AmazonS3 Age 80843 ETag "d9a4c4ba7211c0c9793dbadc778615a8" X-Cache Hit from cloudfront Content-Type audio/mpeg Content-Range bytes 0-72985/72986 Connection keep-alive X-Amz-Cf-Pop DUS51-C1 Accept-Ranges bytes Content-Length 72986 X-Amz-Cf-Id tzqSobvHfK_QNErGNTH0rRM2Ka9sdzUk3CSu_mHIqGe5tL3KcK0Hkw==
GET H2	200	/ Show response api-js.mixpanel.com/decide/	65 B 328 B	95ms 36ms	XHR application/json	35.186.241.51 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=76db2e2bde9dc0445f42c2b3d88526c8&ip=1&_=1597397888561 Requested by Host: cdn.mxpnl.com URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 51.241.186.35.bc.googleusercontent.com Software gunicorn/19.9.0 / Resource Hash 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:08 GMT via 1.1 google server gunicorn/19.9.0 access-control-allow-headers X-Requested-With status 200 access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.conducttr.com cache-control no-cache, no-store access-control-allow-credentials true alt-svc clear
GET H2	200	comment-black-oval-bubble-shape.png www.conducttr.com/images/	5 KB 6 KB	429ms 428ms	Image image/png	2606:4700:20::681a:c47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.conducttr.com/images/comment-black-oval-bubble-shape.png Requested by Host: www.conducttr.com URL: https://www.conducttr.com/css/style.css?v=20200312160657 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bf8328bd113840570ef2aa42a97d95e775adb286ab8fca75d6beabd36a1658c Request headers Referer https://www.conducttr.com/css/style.css?v=20200312160657 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:09 GMT cf-cache-status REVALIDATED last-modified Tue, 05 Jun 2018 14:14:21 GMT server cloudflare etag "114dff7fd7fcd31:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5c29b383bb3d979c-FRA content-length 5595 cf-request-id 048dee86500000979c2baf4200000001
GET H/1.1	200 OK	pubble-cw-main.png cdn.pubble.io/resources/livechat/images/	32 KB 32 KB	22ms 22ms	Image image/png	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pubble.io/resources/livechat/images/pubble-cw-main.png Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/resources/livechat/css/pubble-cw.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash a723821231084cce472405ffa456ae6dacc2f4a790abab9497ac0ea89ed2a61b Request headers Referer https://cdn.pubble.io/resources/livechat/css/pubble-cw.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:05:18 GMT Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Last-Modified Fri, 20 Mar 2020 15:22:57 GMT Server AmazonS3 Age 1971 ETag "6577f5743e9ab43089aaefb12ab13bbb" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop DUS51-C1 Accept-Ranges bytes Content-Length 32667 X-Amz-Cf-Id axx9Plq3LNWnMZSOTHDxZdYNSPuy1rzTnK75JZNRbQGEuave0yzjIg==
GET H2	200	iframe_bridge.html cdn.iubenda.com/cookie_solution/ Frame C349	0 0	41ms 41ms	Document text/html	104.103.76.96 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.iubenda.com/cookie_solution/iframe_bridge.html?origin=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&meth=%22compact%22 Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.76.96 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-96.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash Request headers :method GET :authority cdn.iubenda.com :scheme https :path /cookie_solution/iframe_bridge.html?origin=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&meth=%22compact%22 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Response headers status 200 server nginx/1.15.8 content-type text/html content-length 1236 last-modified Fri, 14 Aug 2020 08:27:00 GMT etag "5f364ad4-4d4" content-encoding gzip p3p CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml" cache-control public, must-revalidate, proxy-revalidate, max-age=86400 expires Sat, 15 Aug 2020 09:38:09 GMT date Fri, 14 Aug 2020 09:38:09 GMT vary Accept-Encoding
GET H/1.1	200 OK	e.gif collect.albacross.com/	37 B 184 B	32ms 31ms	Image image/gif	52.211.148.7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597397889017&e1=page_performance&ply1=19&pl1=3406&n1=navigated&p1=f612d934-582e-2b06-78ca-fd25cac1ea5c&c1=89832634&ci1=26a35337-e2aa-1002-a7d3-4c8b645060f4&v1=b1e9f94c-25d8-13da-72a6-74c0af6055e2&u1=e005f9a4-f506-7ba6-d023-6627b6cca8ab Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.148.7 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-148-7.eu-west-1.compute.amazonaws.com Software nginx/1.12.1 / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:38:09 GMT Server nginx/1.12.1 Connection keep-alive Content-Length 37 Content-Type image/gif
POST H2	204	write Show response hits-i.iubenda.com/	0 399 B	36ms 36ms	XHR text/plain	46.101.133.82 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hits-i.iubenda.com/write?db=hits1 Requested by Host: cdn.iubenda.com URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.101.133.82 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ Authorization Basic aGl0czFfdTpoaXRzMV91cHdk Content-Type text/plain;charset=UTF-8 Response headers date Fri, 14 Aug 2020 09:38:09 GMT server nginx x-influxdb-build OSS status 204 access-control-allow-methods DELETE, GET, OPTIONS, POST, PUT access-control-allow-origin https://www.conducttr.com access-control-expose-headers Date, X-InfluxDB-Version, X-InfluxDB-Build request-id dd0a0102-de11-11ea-aff9-0242ac110002 access-control-allow-headers Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override x-influxdb-version 1.7.5 x-request-id dd0a0102-de11-11ea-aff9-0242ac110002
OPTIONS H2	204	write hits-i.iubenda.com/ Frame	0 0	98ms 32ms	Other text/plain	46.101.133.82 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://hits-i.iubenda.com/write?db=hits1 Protocol H2 Server 46.101.133.82 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization Origin https://www.conducttr.com Sec-Fetch-Mode cors Response headers status 204 server nginx date Fri, 14 Aug 2020 09:38:09 GMT access-control-allow-origin https://www.conducttr.com access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers *, authorization access-control-max-age 1728000 access-control-allow-credentials true content-length 0 content-type text/plain charset=UTF-8
GET H2	200	/ www.facebook.com/tr/	44 B 146 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=262993237434663&ev=Microdata&dl=https%3A%2F%2Fwww.conducttr.com%2Fdemo-team-exercise-cyber-attack%2F&rl=&if=false&ts=1597397889653&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5Ct(DEMO)%20Team%20exercise%20-%20Cyber-attack%20online%20sim%20%E2%80%A2%20Conducttr%5Ct%5Ct%22%2C%22meta%3Adescription%22%3A%22Our%20crisis%20simulation%20platform%20allows%20you%20to%20develop%20and%20deploy%20engaging%20exercises%20faster.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597397888150.1309808445&it=1597397887978&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:09 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Fri, 14 Aug 2020 09:38:09 GMT
GET H/1.1	200 OK	e.gif collect.albacross.com/	37 B 184 B	43ms 42ms	Image image/gif	52.211.148.7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597397891063&e1=pageview_ping&li1=1597397888545&p1=f612d934-582e-2b06-78ca-fd25cac1ea5c&c1=89832634&ci1=26a35337-e2aa-1002-a7d3-4c8b645060f4&v1=b1e9f94c-25d8-13da-72a6-74c0af6055e2&u1=6b191d41-19c7-24e7-43f9-78bd023ec76a Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.148.7 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-148-7.eu-west-1.compute.amazonaws.com Software nginx/1.12.1 / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:38:11 GMT Server nginx/1.12.1 Connection keep-alive Content-Length 37 Content-Type image/gif
GET H2	200	survey-v2.a07ae73f193558c97dae.js Show response script.hotjar.com/	110 KB 27 KB	18ms 17ms	Script application/javascript	147.75.32.125 PACKET
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/survey-v2.a07ae73f193558c97dae.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.0eea85e88cfdd19ba133.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress4 Software / Resource Hash ee9c09a6fd90c4d9eafa2ec22e2a981e8834bf00688247239036cc5e56a15d41 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:13 GMT content-encoding br age 13521 status 200 section-io-cache Hit content-length 26905 last-modified Thu, 13 Aug 2020 13:57:22 GMT etag "6f803981ed3d752a9f0be84724dfb9fa" vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=31536000 section-io-origin-time-seconds 0.044 section-io-id 25e9a800544567c0040c386d5ff3e384 accept-ranges bytes content-type application/javascript section-origin-responded true
GET H2	200	hotjar-black.4b15f4.svg script.hotjar.com/	3 KB 1 KB	17ms 16ms	Image image/svg+xml	147.75.32.125 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://script.hotjar.com/hotjar-black.4b15f4.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress4 Software / Resource Hash 149a2d9cf650adb9b8c62bee175e4922be214b57b435e1b825da79b55aa2b39b Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:13 GMT content-encoding br age 4468 status 200 section-io-cache Hit content-length 1128 last-modified Fri, 14 Aug 2020 08:18:08 GMT etag "65886d0bab36d76a94dc88c3018ee794" vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=31536000 section-io-origin-time-seconds 0.026 section-io-id fbca25d19adde33036bf116ad7d76325 accept-ranges bytes content-type image/svg+xml section-origin-responded true
GET H2	200	widget_icons_light.ddcd59.png script.hotjar.com/	855 B 1 KB	17ms 16ms	Image image/png	147.75.32.125 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://script.hotjar.com/widget_icons_light.ddcd59.png Requested by Host: www.conducttr.com URL: https://www.conducttr.com/demo-team-exercise-cyber-attack/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress4 Software / Resource Hash 753238e181a5cb9255aa342c0b33c931a890cea657fa26c08ffded1cde13d441 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 14 Aug 2020 09:38:13 GMT content-type image/png last-modified Fri, 14 Aug 2020 08:18:07 GMT age 4471 etag "ddcd59097b5702266ee3a9bcf073391f" section-io-origin-status 200 status 200 cache-control max-age=31536000 accept-ranges bytes section-io-origin-time-seconds 0.092 section-origin-responded true section-io-id 4bbdfe96ca90077ff8913eb5d01a5343 section-io-cache Hit access-control-allow-origin * content-length 855
GET H/1.1	200 OK	5f5c054179f16bfa1f8de22525f4ab4a_2vx1honw.png s3-eu-west-1.amazonaws.com/pubble-uploads/upload-avatars-ss/2018/06/06/	2 KB 2 KB	139ms 45ms	Image image/jpeg	52.218.61.35 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-eu-west-1.amazonaws.com/pubble-uploads/upload-avatars-ss/2018/06/06/5f5c054179f16bfa1f8de22525f4ab4a_2vx1honw.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.61.35 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash d440775ab402da24db21c8e8dd505599da3cd611ff4307a0bda81a8a9c134667 Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:38:14 GMT Last-Modified Wed, 06 Jun 2018 08:11:39 GMT Server AmazonS3 x-amz-request-id B54944E77CBA301D ETag "f0a6847ee8c875a4c375204c48ab2384" Content-Type image/jpeg Accept-Ranges bytes Content-Length 1634 x-amz-id-2 HOEZ4yT5l4IR0Y2/PrDA8QilyShNSMfFUvSRx4ug+n4FcCMvGkDddT+JLe1EqqqhIjGI+VjfhKk=
GET H/1.1	200 OK	pubble-cw-main.png cdn.pubble.io/resources/livechat-sidebar/images/	14 KB 15 KB	22ms 22ms	Image image/png	13.226.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pubble.io/resources/livechat-sidebar/images/pubble-cw-main.png Requested by Host: cdn.pubble.io URL: https://cdn.pubble.io/resources/livechat-sidebar/css/pubble-sb.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.226.155.93 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-93.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash a47094a46c38b685ccd80b43b99bc3a107bcf3496b0f4362cddbee1f789820ec Request headers Referer https://cdn.pubble.io/resources/livechat-sidebar/css/pubble-sb.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 08:59:12 GMT Via 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront) Last-Modified Mon, 03 Feb 2020 20:20:18 GMT Server AmazonS3 Age 2342 ETag "1dcf6475dce8ea1cbd2702d434444b88" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop DUS51-C1 Accept-Ranges bytes Content-Length 14409 X-Amz-Cf-Id NWLrwe10lAGAxNZk5uQS6uXCitXHM2yDuHAEBr8n_BttZiNZLv8Mmg==
GET H/1.1	200 OK	e.gif collect.albacross.com/	37 B 184 B	1258ms 1257ms	Image image/gif	52.211.148.7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://collect.albacross.com/e.gif?s=JSCollector%2C2.0.2%2C1597397895564&e1=pageview_ping&li1=1597397888545&p1=f612d934-582e-2b06-78ca-fd25cac1ea5c&c1=89832634&ci1=dee1d623-0d41-2f2a-dce7-0c269ea79bac&v1=df446699-4fdb-fab1-6036-dc358810b5e7&u1=b0652403-1981-95bb-bd26-2ecebb4d31bf Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.148.7 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-148-7.eu-west-1.compute.amazonaws.com Software nginx/1.12.1 / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.conducttr.com/demo-team-exercise-cyber-attack/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 14 Aug 2020 09:38:16 GMT Server nginx/1.12.1 Connection keep-alive Content-Length 37 Content-Type image/gif