www.silverfort.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Submission: On May 07 via api (May 7th 2024, 2:10:30 am UTC) from TR — Scanned from DE

Summary HTTP 156 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 53 IPs in 5 countries across 41 domains to perform 156 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.silverfort.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2023. Valid for: a year.

This is the only time www.silverfort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
54	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:b200:18:4dfd:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:480... 2a02:26f0:480:f::213:7ed1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2.19.96.153 2.19.96.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	2600:1901:0:b... 2600:1901:0:bc29::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:5800:4:d7e1:700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:1400:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.30 18.66.112.30	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
2	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:62a7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.125.10.216 3.125.10.216	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.34.183 130.211.34.183	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
156	53

54 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.silverfort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

client-registry.mutinycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b200:18:4dfd:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.interactivecalculator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:f::213:7ed1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.19.96.153 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-153.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5800:4:d7e1:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1400:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-30.fra56.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:62a7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.10.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-10-216.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	silverfort.com www.silverfort.com	1 MB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5787 c.6sc.co — Cisco Umbrella Rank: 8716 ipv6.6sc.co — Cisco Umbrella Rank: 5928 b.6sc.co — Cisco Umbrella Rank: 3876	25 KB
8	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4098 api.hubspot.com — Cisco Umbrella Rank: 4890 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4060 app.hubspot.com — Cisco Umbrella Rank: 5794 track.hubspot.com — Cisco Umbrella Rank: 2393	30 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 u.clarity.ms — Cisco Umbrella Rank: 423151 c.clarity.ms — Cisco Umbrella Rank: 1385	29 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 565	151 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	3 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2197 rs.fullstory.com — Cisco Umbrella Rank: 2240	104 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2189	19 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4333 forms-na1.hsforms.com — Cisco Umbrella Rank: 6937 perf-na1.hsforms.com — Cisco Umbrella Rank: 4386	10 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 345 c.bing.com — Cisco Umbrella Rank: 231	16 KB
3	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 11817 ws.zoominfo.com — Cisco Umbrella Rank: 4715	29 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 6903	4 KB
3	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 13513 settings.luckyorange.com — Cisco Umbrella Rank: 13498	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	291 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9185	709 B
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 15533 tr.lfeeder.com — Cisco Umbrella Rank: 23957	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3738	22 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1160	12 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	59 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6801	156 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	38 KB
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 2100	373 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 482	701 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	63 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4801	25 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	351 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1376	637 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2460	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 64	67 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 771	22 KB
1	interactivecalculator.com embed.interactivecalculator.com	31 KB
1	mutinycdn.com client-registry.mutinycdn.com — Cisco Umbrella Rank: 18650	17 KB
156	41

	Domain	Requested by
54	www.silverfort.com	www.silverfort.com
8	b.6sc.co	www.silverfort.com
6	use.typekit.net	www.silverfort.com use.typekit.net
4	js.hs-banner.com	js.hs-scripts.com www.silverfort.com js.hs-banner.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	track.hubspot.com
3	js.zi-scripts.com	www.silverfort.com
3	rs.fullstory.com	edge.fullstory.com
3	www.clarity.ms	www.silverfort.com bat.bing.com www.clarity.ms
3	edge.fullstory.com	www.silverfort.com edge.fullstory.com rs.fullstory.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.silverfort.com
3	www.googletagmanager.com	www.silverfort.com www.googletagmanager.com
2	ws.zoominfo.com	www.silverfort.com
2	c.clarity.ms	1 redirects
2	epsilon.6sense.com	j.6sc.co
2	u.clarity.ms	www.clarity.ms
2	api.hubspot.com	js.usemessages.com
2	settings.luckyorange.com	www.silverfort.com
2	forms.hsforms.com	js.hsforms.net www.silverfort.com
2	connect.facebook.net	www.silverfort.com connect.facebook.net
2	cdn.mxpnl.com	www.googletagmanager.com cdn.mxpnl.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	js.hsforms.net	www.silverfort.com
2	munchkin.marketo.net	www.silverfort.com munchkin.marketo.net
2	cdnjs.cloudflare.com	www.silverfort.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	c.bing.com	1 redirects
1	app.hubspot.com	js.usemessages.com
1	perf-na1.hsforms.com	www.silverfort.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	cta-service-cms2.hubspot.com	www.silverfort.com
1	www.google.de	www.silverfort.com
1	www.google.com	www.silverfort.com
1	tr.lfeeder.com	www.silverfort.com
1	www.facebook.com	www.silverfort.com
1	forms-na1.hsforms.com	www.silverfort.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	alb.reddit.com	www.silverfort.com
1	px4.ads.linkedin.com	www.silverfort.com
1	www.linkedin.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	tools.luckyorange.com	www.googletagmanager.com
1	sc.lfeeder.com	www.silverfort.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.youtube.com	www.silverfort.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.silverfort.com
1	unpkg.com	www.silverfort.com
1	embed.interactivecalculator.com	www.silverfort.com
1	client-registry.mutinycdn.com	www.silverfort.com
156	62

This site contains links to these domains. Also see Links.

Domain
partners.silverfort.com
learn.microsoft.com
openid.net
webauthn-doc.spomky-labs.com
www.facebook.com
www.linkedin.com
twitter.com
support.silverfort.com

Subject Issuer	Validity	Valid
www.silverfort.com Cloudflare Inc ECC CA-3	`2023-06-16` - `2024-06-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
client-registry.mutinycdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.interactivecalculator.com Amazon RSA 2048 M02	`2024-01-04` - `2025-01-31`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
unpkg.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
hsforms.net GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-14` - `2024-05-14`	3 months	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
luckyorange.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-15`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-05-03` - `2024-08-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
usemessages.com E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
settings.luckyorange.com R3	`2024-04-03` - `2024-07-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
zi-scripts.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
zoominfo.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Frame ID: 82771BDBA54D4657E75E21C9F1311B08
Requests: 159 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4711332/threads/utk/914b2ed1c967468ba91c81aeeca4f7ce?uuid=107748ea771044019e34c55d039ef6f6&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=silverfort.com&inApp53=false&messagesUtk=914b2ed1c967468ba91c81aeeca4f7ce&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 0420A012478AF9987157E968B1DC0336
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Using MITM to bypass FIDO2 phishing-resistant protection - Silverfort

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

99 %
HTTPS

54 %
IPv6

41
Domains

62
Subdomains

53
IPs

5
Countries

2450 kB
Transfer

7270 kB
Size

46
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://partners.silverfort.com/
Title: Partners Portal

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-strengths
Title: Conditional Access – authentication strength

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-token-protection)
Title: Token Protection,

Search URL Search Domain Scan URL

URL: https://openid.net/specs/openid-connect-token-bound-authentication-1_0.html
Title: Referred Token Binding

Search URL Search Domain Scan URL

URL: https://webauthn-doc.spomky-labs.com/v/v3.0/deep-into-the-framework/token-binding
Title: may pass

Search URL Search Domain Scan URL

URL: https://www.facebook.com/silverfort

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/silverfort/

Search URL Search Domain Scan URL

URL: https://twitter.com/silverfort

Search URL Search Domain Scan URL

URL: https://support.silverfort.com/hc/en-us/restricted?return_to=https%3A%2F%2Fsupport.silverfort.com%2Fhc%2Fen-us
Title: Support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D649297%26time%3D1715047824544%26url%3Dhttps%253A%252F%252Fwww.silverfort.com%252Fblog%252Fusing-mitm-to-bypass-fido2%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true&liSync=true&e_ipv6=AQKhMk0hAug5xQAAAY9Q0P-3X2SNkH5xZkqikkx7Cske-9lqKbgYw2PBmGWkVZbwF0gnfOg

Request Chain 147

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=08B918BE7A314CDD85BD2C7FD8CFDFCF&RedC=c.clarity.ms&MXFR=2C36C656DFF56AB913B5D22EDBF5646C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08B918BE7A314CDD85BD2C7FD8CFDFCF&MUID=2502F32BE92B6322318BE753E8A062B6

156 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.silverfort.com/blog/using-mitm-to-bypass-fido2/ 145 KB
31 KB 191ms
91ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

14b8d22e31a2bd97f7a47cecc9e22abe6a70ddc3a33c205af5287145861e62dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87fdac61aa2644f2-TXL
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 07 May 2024 02:10:23 GMT
link: <https://www.silverfort.com/wp-json/>; rel="https://api.w.org/" <https://www.silverfort.com/wp-json/wp/v2/posts/8366>; rel="alternate"; type="application/json" <https://www.silverfort.com/?p=8366>; rel=shortlink
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains;
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 38
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pingback: https://www.silverfort.com/xmlrpc.php
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

GET
H3 200 swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/6.8.4/ 14 KB
4 KB 97ms
53ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.8.4/swiper-bundle.min.css

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc0b8e8cf4d354da992e3b614bc221c793e74ee11ad6ab9760b3cd965d14c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 944223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3621
last-modified: Mon, 23 Aug 2021 12:35:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6123961f-e25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ok0fhjGriDqavFo7FpVERDYFJPsqBMgVGjN06HTldZCmZACC5AKMjDFsl46Z9FOYVa2o4GZ06KAFXJXyElk1ky%2FWNx2%2FX4i78bX7rU1%2BC0Ip9NIBT9yrzSYQvdkz3%2FtUIv8nTdBp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87fdac62afdba01e-FRA
expires: Sun, 27 Apr 2025 02:10:23 GMT

GET
H2 200 f057c54b74d3d029.js Show response
client-registry.mutinycdn.com/personalize/client/ 52 KB
17 KB 151ms
41ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/f057c54b74d3d029.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17d79bd57963e613104e36acc3557b916f995b40a26978aea5b3e339f714bae6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: oBpb0v0bKGJ66CFUn8AQNGobhwl_Uuu_
x-continent-code: EU
content-encoding: gzip
date: Tue, 07 May 2024 02:10:23 GMT
via: 1.1 varnish
x-edge-region: EU-East
x-amz-request-id: 2BWX49HWMMHRD19R
age: 64
x-amz-server-side-encryption: AES256
x-cache: HIT
x-edge-datacenter: FRA
content-length: 16866
x-amz-id-2: t09lYeEAnoRlHMLXmBeZVj9Wi9X10FN0nddQh2GG1Xtes6HGS3Y/DJpnOPRidfcoaiygxRhQrIA=
x-served-by: cache-fra-etou8220153-FRA
x-connection-speed: broadband
last-modified: Mon, 29 Apr 2024 15:58:02 GMT
server: AmazonS3
etag: "c24203828ee9daabb84c52237a6e8660"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=3600, max-age=0
vary: X-Continent-Code, Accept-Encoding
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 0

GET
H2 200 font-geo-bold.woff2
www.silverfort.com/wp-content/themes/airfleet/resources/fonts/ 70 KB
70 KB 102ms
96ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/resources/fonts/font-geo-bold.woff2

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee78165676c8fd7079050f30ee808faab2dd707ddd8ebbcdea2943853d1fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 377464
alt-svc: h3=":443"; ma=86400
content-length: 71812
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: "66307f9d-11884"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac625b4c44f2-TXL

GET
H2 200 font-light.woff2
www.silverfort.com/wp-content/themes/airfleet/resources/fonts/ 73 KB
74 KB 102ms
96ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/resources/fonts/font-light.woff2

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

919573c7c6dbf66ad9f2adba0c41117e48003d559cbfb87fc833ad0f199fbe17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 377464
alt-svc: h3=":443"; ma=86400
content-length: 75116
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: "66307f9d-1256c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac625b4e44f2-TXL

GET
H2 200 font-demi-bold.woff2
www.silverfort.com/wp-content/themes/airfleet/resources/fonts/ 76 KB
76 KB 66ms
60ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/resources/fonts/font-demi-bold.woff2

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d557435e48cd67d8e39c4c1b1965425737d49ca4ff4aa0e17829d6875da059b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 329485
alt-svc: h3=":443"; ma=86400
content-length: 77344
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: "66307f9d-12e20"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac625b4f44f2-TXL

GET
H2 200 style.min.css
www.silverfort.com/wp-includes/css/dist/block-library/ 108 KB
14 KB 65ms
60ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/css/dist/block-library/style.min.css?ver=48f16741d46e16046966fe9754775630

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 09 Feb 2024 06:19:45 GMT
server: cloudflare
etag: W/"65c5c401-1ae43"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac625b4244f2-TXL

GET
H2 200 blocks.style.build.css
www.silverfort.com/wp-content/plugins/embedpress/Gutenberg/dist/ 31 KB
6 KB 101ms
96ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/Gutenberg/dist/blocks.style.build.css?ver=1714454428

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1611e9febfc2c5a924ea7d5a124825e67902cee3b4288c5020a059e081c725a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-7c41"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac625b4544f2-TXL

GET
H2 200 blocks.style.build.css
www.silverfort.com/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 101ms
95ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Dec 2023 13:57:18 GMT
server: cloudflare
etag: W/"6582f2be-6c70"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac625b4744f2-TXL

GET
H2 200 embedpress.css
www.silverfort.com/wp-content/plugins/embedpress/assets/css/ 38 KB
7 KB 64ms
59ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=48f16741d46e16046966fe9754775630

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

258686c2fa79c237191fa2c326ca776cb408726eaafeac2babda7ca175c430fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 360640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-97c7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac625b4944f2-TXL

GET
H2 200 dashicons.min.css
www.silverfort.com/wp-includes/css/ 58 KB
35 KB 62ms
56ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/css/dashicons.min.css?ver=48f16741d46e16046966fe9754775630

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 591775
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
etag: W/"603ffca6-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac625b4b44f2-TXL

GET
H2 200 theme.css
www.silverfort.com/wp-content/themes/airfleet/dist/styles/ 836 KB
104 KB 102ms
96ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

26fb7924002a4374b9ac7f10df7ef2027a7af2c271604dcdd4d3c97f75abf89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 591775
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: W/"66307f9d-d0e77"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac626b5244f2-TXL

GET
H2 200 style.css
www.silverfort.com/wp-content/themes/airfleet/theme/ 7 KB
2 KB 100ms
95ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/theme/style.css?ver=1714454429

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

693536d3b81f85a299e9366761047ca164057eaaaa6b17ff1b9effd072a56131

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: W/"66307f9d-1dfa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac626b5344f2-TXL

GET
H2 200 plyr.css
www.silverfort.com/wp-content/plugins/embedpress/assets/css/ 32 KB
5 KB 138ms
133ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/css/plyr.css?ver=48f16741d46e16046966fe9754775630

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c06593065d525cac7ffb626221f4edad2e94791edd7c71bb8573c3600567cb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-7ef3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba044f2-TXL

GET
H2 200 jquery.min.js Show response
www.silverfort.com/wp-includes/js/jquery/ 86 KB
31 KB 138ms
133ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba244f2-TXL

GET
H2 200 jquery-migrate.min.js Show response
www.silverfort.com/wp-includes/js/jquery/ 13 KB
5 KB 138ms
133ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 360640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
etag: W/"6482bd64-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba344f2-TXL

GET
H2 200 plyr.polyfilled.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 117 KB
35 KB 133ms
128ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/plyr.polyfilled.js?ver=1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ff88bcf73a9a1211529bbab1275b88f0a645549b655fdcec74666feb1aaa3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-1d44b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba444f2-TXL

GET
H2 200 embed.js Show response
embed.interactivecalculator.com/ 146 KB
31 KB 188ms
46ms Script
text/javascript 2600:9000:223f:b200:18:4dfd:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.interactivecalculator.com/embed.js?ver=48f16741d46e16046966fe9754775630
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b200:18:4dfd:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f5f8d611f98a4907e7b88ae386c286a2a7407a4b3f01b628fa158c2ba9025da

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 09:31:35 GMT
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Mon, 29 Apr 2024 20:30:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 65745
x-amz-server-side-encryption: AES256
etag: W/"a52cba8acfffb7c1ab7e0deef8aa2819"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QTVKQi3HRIcsie4Wp0wnocJGaYPXPyrWRp0aNB6XC-XysNdjt9NIrA==

GET
H2 200 owl1fid.css
use.typekit.net/ 11 KB
1 KB 205ms
43ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/owl1fid.css

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bdea7749e067619567677cb41850cd361c9fff999b06a9652ce2203337f8422b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 07 May 2024 02:10:23 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1219

GET
H2 200 isotope.pkgd.js Show response
unpkg.com/isotope-layout@3.0.6/dist/ 89 KB
22 KB 145ms
58ms Script
application/javascript 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/isotope-layout@3.0.6/dist/isotope.pkgd.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

699713f69dbd2387b7c3b57204bcdc3d86d3ac350718a7ad65a5293e0d2c53eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4703838
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW746FBV4XGCTF9HP5BTRCE-fra
server: cloudflare
etag: W/"16506-MQojGhhVA4UpfhQCgkKKBv62daY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 87fdac62eef1361e-FRA

GET
H3 200 swiper-bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/6.8.4/ 143 KB
34 KB 97ms
55ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.8.4/swiper-bundle.min.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b5a8e3460a7ec8fe6043ade762bc40d18735c3db77a68e4bead56b3de7f355

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 366764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33765
last-modified: Mon, 23 Aug 2021 12:35:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6123961f-83e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmAtEFc%2Fh8TqdYpP7IiXtoWo4txjyG04YUp2vbv24Yx3ATZWjAEHD9WtvZ1RWZSN%2F50%2BAnXecCiDVi23n%2BJcu5oVfI95uM2mogdJ6xEHg5JqkPsXdJw%2BJGK4civ%2BLuZugGHrhxeZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87fdac62afdaa01e-FRA
expires: Sun, 27 Apr 2025 02:10:23 GMT

GET
H2 200 mpp-frontend.js Show response
www.silverfort.com/wp-content/plugins/metronet-profile-picture/js/ 331 B
262 B 137ms
132ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 360640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Dec 2023 13:57:18 GMT
server: cloudflare
etag: W/"6582f2be-14b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba544f2-TXL

GET
H2 200 pdfobject.min.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 13 KB
4 KB 140ms
136ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.9.16

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3fcee601e829af094ce197af4a7e839296ac3a944dd8f6673997586c57a385

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 591774
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-34ee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba644f2-TXL

GET
H2 200 initplyr.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 9 KB
3 KB 141ms
137ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/initplyr.js?ver=3.9.16

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9bb829f8d70641154b1f50b85d90ae2fce8628ecffe8575481b54311233c842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373690
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-2368"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629ba844f2-TXL

GET
H2 200 vimeo-player.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 37 KB
11 KB 136ms
132ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/vimeo-player.js?ver=3.9.16

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373689
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-92fa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629baa44f2-TXL

GET
H2 200 front.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 22 KB
5 KB 142ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/front.js?ver=3.9.16

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

581f3f804bf3ae2c8cd5505539a41bfbc043704513283283769e9eed49797e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-5847"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bac44f2-TXL

GET
H2 200 wp-polyfill-inert.min.js Show response
www.silverfort.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 141ms
137ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: cloudflare
etag: W/"63c7d511-1feb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bad44f2-TXL

GET
H2 200 regenerator-runtime.min.js Show response
www.silverfort.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 170ms
166ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
server: cloudflare
etag: W/"6509f6d0-19e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629baf44f2-TXL

GET
H2 200 wp-polyfill.min.js Show response
www.silverfort.com/wp-includes/js/dist/vendor/ 112 KB
36 KB 138ms
134ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: cloudflare
etag: W/"6512e95e-1c1b7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb044f2-TXL

GET
H2 200 react.min.js Show response
www.silverfort.com/wp-includes/js/dist/vendor/ 10 KB
4 KB 140ms
137ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/vendor/react.min.js?ver=18.2.0

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f8206d84ed8658e4f4fee5a71d757d475b03767e5e7eb1e7cb770f6ab2cd3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373686
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Feb 2023 07:04:52 GMT
server: cloudflare
etag: W/"63e1f814-2971"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb144f2-TXL

GET
H2 200 hooks.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 5 KB
2 KB 139ms
136ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-1213"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb244f2-TXL

GET
H2 200 deprecated.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 729 B
858 B 136ms
132ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/deprecated.min.js?ver=73ad3591e7bc95f4777a

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

37720dbcab5427116c276e8b750bb4a7da41a7d3d5662ccdf92a3fee530fc28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373683
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-2d9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb344f2-TXL

GET
H2 200 dom.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 13 KB
5 KB 138ms
135ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/dom.min.js?ver=49ff2869626fbeaacc23

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa3159ad1e5deb4efdc091354d34e2fcbc511a9a2778775384786425af09b8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373683
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: cloudflare
etag: W/"6512e95e-3317"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb544f2-TXL

GET
H2 200 react-dom.min.js Show response
www.silverfort.com/wp-includes/js/dist/vendor/ 126 KB
42 KB 141ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=18.2.0

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

efce7d4dfdff6ca56599601f0d4fdd12a19fd7e448109fddfad9a9a0f10df6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Jun 2023 20:08:46 GMT
server: cloudflare
etag: W/"649c934e-1f975"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb644f2-TXL

GET
H2 200 escape-html.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 1 KB
663 B 141ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfb6ea70d464c88b03728fe77f38a7400f7a3b1b5b0eaaae5817844d730e8cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377818
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-473"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb844f2-TXL

GET
H2 200 element.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 12 KB
5 KB 142ms
139ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/element.min.js?ver=ed1c7604880e8b574b40

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21826e531e656e94ed03199882cdc37f4af9946aeed1a3f63c1e9218ae8142f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-3169"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bb944f2-TXL

GET
H2 200 is-shallow-equal.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 1 KB
603 B 137ms
134ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/is-shallow-equal.min.js?ver=20c2b06ecf04afb14fee

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09bdbf565d50102894b31146a8ecea9cff952ed9a365753185ce4b22fd818cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 360640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-449"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bbb44f2-TXL

GET
H2 200 i18n.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 9 KB
4 KB 142ms
139ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-24e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bbe44f2-TXL

GET
H2 200 keycodes.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 4 KB
2 KB 138ms
135ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/keycodes.min.js?ver=3460bd0fac9859d6886c

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

100cc029535a3be566618b073bb9815fea13ea722b029fd858b3a466396d50f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 360640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-fbf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc044f2-TXL

GET
H2 200 priority-queue.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 3 KB
2 KB 136ms
134ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/priority-queue.min.js?ver=422e19e9d48b269c5219

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a21da61d636ea66bd58bb96e3ddb6c249c9d6f47fe371d084c71bee2099444f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373682
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-d72"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc244f2-TXL

GET
H2 200 compose.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 37 KB
13 KB 141ms
139ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/compose.min.js?ver=3189b344ff39fef940b7

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cca5cf5bfa14b32647fc12c6e52b050c2504f12794184725a74f49fe68e84d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373682
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: cloudflare
etag: W/"6512e95e-92ae"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc344f2-TXL

GET
H2 200 private-apis.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 3 KB
1 KB 133ms
132ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/private-apis.min.js?ver=11cb2ebaa70a9f1f0ab5

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6aa05df1d902f41bdc3e044644cb660eb1c0d0edf6b2e5f895caf754c716cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 360640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Oct 2023 13:58:15 GMT
server: cloudflare
etag: W/"6527fb77-a85"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc444f2-TXL

GET
H2 200 redux-routine.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 9 KB
3 KB 137ms
135ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/redux-routine.min.js?ver=0be1b2a6a79703e28531

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e6f3987e72cefef4a63462c2f40066c64d51ecbabc1f357c32bc573cbcb1c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: cloudflare
etag: W/"650c4488-2328"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc644f2-TXL

GET
H2 200 data.min.js Show response
www.silverfort.com/wp-includes/js/dist/ 27 KB
9 KB 140ms
139ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/dist/data.min.js?ver=dc5f255634f3da29c8d5

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c58bf691bed30f03ca1587d29508d54f7aef5439671b6e99d8a3104382f54b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: cloudflare
etag: W/"6547efb0-6ace"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc744f2-TXL

GET
H2 200 ads.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 9 KB
3 KB 135ms
134ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/ads.js?ver=3.9.16

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6343c092123772a2e0d5ae9ec4b4372693390388ede4937b2556e28ab475122d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-2288"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bc844f2-TXL

GET
H2 200 documents-viewer-script.js Show response
www.silverfort.com/wp-content/plugins/embedpress/assets/js/ 10 KB
3 KB 137ms
136ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/documents-viewer-script.js?ver=3.9.16

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3dc83cc4fb3fc6535c5e5fb061fc5ea193f7ff61c5e8f539f76c68b42d80a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-299f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bca44f2-TXL

GET
H2 200 frontend.min.js Show response
www.silverfort.com/wp-content/plugins/link-whisper-premium/js/ 5 KB
2 KB 138ms
136ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1714454428

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-128e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bcb44f2-TXL

GET
H3 200 comment-reply.min.js Show response
www.silverfort.com/wp-includes/js/ 3 KB
2 KB 59ms
59ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-includes/js/comment-reply.min.js?ver=48f16741d46e16046966fe9754775630

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377819
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
etag: W/"625095f6-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac64ad6158e4-TXL

GET
H2 200 theme.js Show response
www.silverfort.com/wp-content/themes/airfleet/dist/ 818 KB
212 KB 141ms
140ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/theme.js?ver=1714454429

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

db2330db02efad9a7501712f8daf6deba69477e1dc32e14f602802b43704aa63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364304
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: W/"66307f9d-cc9ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bcd44f2-TXL

GET
H2 200 critical.js Show response
www.silverfort.com/wp-content/themes/airfleet/dist/ 73 KB
20 KB 139ms
138ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/critical.js?ver=1714454429

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2cca075f0eb528e1eef09c3ac29372cb11f3daed3fc2d2bb548d05d1149a338

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 373681
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: W/"66307f9d-1229a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac629bcf44f2-TXL

GET
H3 200 float.js Show response
www.silverfort.com/wp-content/plugins/gtranslate/js/ 22 KB
7 KB 84ms
83ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/gtranslate/js/float.js?ver=48f16741d46e16046966fe9754775630

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364305
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-595e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac64bd7458e4-TXL

GET
H3 200 lazyload.min.js Show response
www.silverfort.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 56ms
56ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 377819
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: W/"66307f9d-22bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac64bd7758e4-TXL

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
112 KB 157ms
70ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d562a162d1808daeb31483332fd804d96d8a5ffc5f9998a7605c7f6fe12ffbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114142
x-xss-protection: 0
last-modified: Tue, 07 May 2024 00:09:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 May 2024 02:10:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 140ms
51ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/theme/style.css?ver=1714454429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 May 2024 02:06:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 May 2024 02:10:24 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 176ms
41ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=owl1fid&ht=tk&f=139.140.173.174.175.176.25136.25137.14723.42583.42584.42585.42586.42587.42588&a=4086036&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
last-modified: Sun, 10 Sep 2023 12:39:23 GMT
server: nginx
etag: "64fdb8fb-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcdd3e25fd9408f29e85fd42c12bea31ab7457b70442b51543c52874ad3d9d6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 514fe49518da7f9010183ba6b83a8655bb93041d9de86cb22565a419836225c6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a1e3841a248b8799e00d97ad488aeb8fda77869b673e64608e9b53d6fad24ff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6004cc3ebe58ae4014aff5bafabee6510527938fb5005c127c55f14ba1f860fc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 333ce4aa2e95b8315e5de6da461164554399f77d44ea94b4cba378c8df8c1065

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fea224918286372880968666830eac937a5606b2599a3542f408d60d66c7d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cdaab53427ca864aad95489040155b013317a228ec58c1ee10618f505fb8673

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 415ms
44ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 02:10:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H3 200 ico-magnifying-glass.da6d672662.svg
www.silverfort.com/wp-content/themes/airfleet/dist/images/ 278 B
646 B 56ms
56ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/images/ico-magnifying-glass.da6d672662.svg

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

08641f81a1cad2dd12587dda89aada31d41b0cd118a7f36f49d8ad35c73a24e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 359485
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: W/"66307f9d-116"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac64cd8f58e4-TXL

GET
H3 200 font-geo-bold.07d8b6589c.woff2
www.silverfort.com/wp-content/themes/airfleet/dist/fonts/ 70 KB
71 KB 72ms
72ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/fonts/font-geo-bold.07d8b6589c.woff2

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ee78165676c8fd7079050f30ee808faab2dd707ddd8ebbcdea2943853d1fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 373691
alt-svc: h3=":443"; ma=86400
content-length: 71812
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: "66307f9d-11884"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac64fdd758e4-TXL

GET
H3 200 font-light.a63c8feb30.woff2
www.silverfort.com/wp-content/themes/airfleet/dist/fonts/ 73 KB
74 KB 147ms
147ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/themes/airfleet/dist/fonts/font-light.a63c8feb30.woff2

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

919573c7c6dbf66ad9f2adba0c41117e48003d559cbfb87fc833ad0f199fbe17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/wp-content/themes/airfleet/dist/styles/theme.css?ver=1714454429
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 359485
alt-svc: h3=":443"; ma=86400
content-length: 75116
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:29 GMT
server: cloudflare
etag: "66307f9d-1256c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac64fdd958e4-TXL

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/ 215 KB
67 KB 146ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/plugins/embedpress/assets/js/ads.js?ver=3.9.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 21:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 533719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68259
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Apr 2025 21:55:05 GMT

GET
H3 200 v2-legacy.js Show response
js.hsforms.net/forms/ 0
1 KB 97ms
52ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2-legacy.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/theme.js?ver=1714454429

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

age: 523
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.746/js/noop.js
date: Tue, 07 May 2024 02:10:24 GMT
x-amz-version-id: TI_eHjk_URYq5uHP8TC7vckaIywDJgzo
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: b61661a8-52d6-4ed5-9ac1-c77a6614daac
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-request-id: b61661a8-52d6-4ed5-9ac1-c77a6614daac
last-modified: Thu, 28 Mar 2024 11:42:53 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijs348RbFyzImUg7qw2dVNdXQLZzSpruNXukZOg8emGCN1GFc5W2ZR7Wd4KF3C3YCboVDmbuPwG14Ak0%2BjCMKxX3TaWIa3R8lggZayfBFt2K57EQraQBxN6p7O8ZeT6D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7
accept-ranges: bytes
cf-ray: 87fdac657c7a2c6d-FRA
x-amz-cf-id: BYaqN-DcjedQEJn4xgvLZLrXlWNP320OL0mXGnJhOGHDig2gI_z5Cw==

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ 482 KB
154 KB 96ms
51ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/wp-content/themes/airfleet/dist/theme.js?ver=1714454429

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 387
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=87fda2f63d19bb56-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b0047a8901d8ed9f81db3dcb5982114e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5064/bundles/project-v2.js
date: Tue, 07 May 2024 02:10:24 GMT
x-amz-version-id: 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: f8d2470f-7d53-4096-a211-c8fdc229bec9
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: f8d2470f-7d53-4096-a211-c8fdc229bec9
last-modified: Wed, 03 Apr 2024 11:15:05 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaOZqvhTgcY4aBUpFt7IZZbnE7ba96V2DXApYOjxHRny40DQ9q7SO3NlLsmh%2BMnpnjU8qpBwvKv6xvjmVqhKNB4dAhb1Xkn5Lf3pOZF6tS9VMGibM9Z5npCMpvWp0zk0"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx
cf-ray: 87fdac657c792c6d-FRA
x-amz-cf-id: fSzMWYpjt8eshAkV16aS0WhO-fWPUE1_amN7zWnyPN5sRWUoz8UKiQ==

GET
H3 200 20220315-104646u76P4g0vCA.png
www.silverfort.com/wp-content/uploads/2022/03/ 1 KB
2 KB 143ms
142ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2022/03/20220315-104646u76P4g0vCA.png

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e2088bbe79e60715b8ea7be7665905ec26d224d243496576ad25a6eb9e6b5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 364305
cf-polished: origFmt=png, origSize=2667
content-disposition: inline; filename="20220315-104646u76P4g0vCA.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1314
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 15 Mar 2022 09:46:57 GMT
server: cloudflare
etag: "62306091-a6b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac653e2f58e4-TXL

GET
H3 200 Dor-Segal-150x150.jpg
www.silverfort.com/wp-content/uploads/2023/05/ 3 KB
3 KB 143ms
143ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2023/05/Dor-Segal-150x150.jpg

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb1e3899477e39c0e5de2336778167814e5df5aed883f2d0503eef27682d061

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71314
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 2824
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Tue, 23 May 2023 06:15:50 GMT
server: cloudflare
etag: "646c5a16-b08"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac653e3158e4-TXL

GET
H3 200 MITM-blog.png
www.silverfort.com/wp-content/uploads/2024/05/ 73 KB
74 KB 144ms
144ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/uploads/2024/05/MITM-blog.png

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccbbbd7bfaa69922db78b5327050dbb741aacef0557cd715472b815141c3d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71314
cf-polished: origSize=79882, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 75109
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sun, 05 May 2024 18:44:05 GMT
server: cloudflare
etag: "6637d375-1380a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
accept-ranges: bytes
cf-ray: 87fdac653e3358e4-TXL

GET
H3 200 en-us.svg
www.silverfort.com/wp-content/plugins/gtranslate/flags/svg/ 6 KB
1 KB 150ms
149ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.silverfort.com/wp-content/plugins/gtranslate/flags/svg/en-us.svg

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 371334
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Apr 2024 05:20:28 GMT
server: cloudflare
etag: W/"66307f9c-17c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac653e3458e4-TXL

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 29 KB
29 KB 171ms
40ms Font
application/font-woff2 2a02:26f0:480:f::213:7ed1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
server: nginx
etag: "1d1aed9a298449b26ef6d57c78caa88b6b5de306"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29764

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 182ms
50ms Font
application/font-woff2 2a02:26f0:480:f::213:7ed1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 226ms
94ms Font
application/font-woff2 2a02:26f0:480:f::213:7ed1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 31 KB
31 KB 219ms
87ms Font
application/font-woff2 2a02:26f0:480:f::213:7ed1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
server: nginx
etag: "45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31620

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
98 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4052YMBRRZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a34ff3a310804bb66fa12932379e85219e0f423fd1031aaf21023d3d0e19dc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 May 2024 02:10:24 GMT

GET
H2 200 e22665ed-7c2a-460c-8f99-893f904fa3a9.js Show response
j.6sc.co/j/ 4 KB
5 KB 634ms
456ms Script
application/javascript 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/e22665ed-7c2a-460c-8f99-893f904fa3a9.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-153.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bc6ac9525a76d6595299967d130d28aa8a886b759dd855f6e6a47862a0d53a08

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GMedplnG0apOgkV6A4z5R.hvZia55PTH
date: Tue, 07 May 2024 02:10:24 GMT
x-amz-cf-pop: DUS51-P4
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 4576
pragma: no-cache
last-modified: Thu, 28 Mar 2024 20:10:17 GMT
server: AmazonS3
etag: "e77215fa632eba0066d81e9f3f7c0163"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: oz3BfSKZapb4Uqt40-HiZ70ENerx3aeyiqlJd-mWYLrqxkBuCMu16A==
expires: Tue, 07 May 2024 02:10:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 136ms
43ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 May 2024 02:07:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 07 May 2024 04:07:49 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 143ms
40ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=54609
accept-ranges: bytes
content-length: 16683

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 65ms
62ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10831086858&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b4f6072ed35d49e569a622580032c9e3f2c22b068a4d18bf867e82f10c0f77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82292
x-xss-protection: 0
last-modified: Tue, 07 May 2024 00:09:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 May 2024 02:10:24 GMT

GET
H2 200 hotjar-3289733.js Show response
static.hotjar.com/c/ 9 KB
4 KB 163ms
68ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3289733.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

835d4f658b1f9809f57be8bdaf784aa2bd684d832857018de5bd4d265b0fb933

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 07 May 2024 02:10:24 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/42992ba5cef42663f62335a3d2c08d3d
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: L8GxttRyzARw9goTjWhfCVB8dMgSXhoo_f5LXuUxdmJNg_RiY_AFMQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 164ms
75ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 07 May 2024 02:10:24 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F47E6764E4B45E89C7E0F043A3F637E Ref B: FRA31EDGE0222 Ref C: 2024-05-07T02:10:24Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 38 KB
12 KB 147ms
40ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 24 Apr 2024 17:35:49 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "c4d61fbb6e730a840c7f140cbb9bcd06"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 11214

GET
H2 200 mixpanel-js-wrapper.js Show response
cdn.mxpnl.com/libs/ 3 KB
3 KB 148ms
41ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9502449ac2b03f78eb752b6b2a97180ae5b698da4a77c6ebd957a1c39e0890d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 01:42:06 GMT
age: 1698
x-guploader-uploadid: ABPtcPqLzQaw0pSHIaK374AEa5HG3A2_oAkRrRhoye7wtDe9xoKadpQ5W59tSE4Q5nY_0T3TyOCDf_vNDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2935
last-modified: Tue, 25 Apr 2023 21:03:37 GMT
server: UploadServer
etag: "9d3bf1685d40ce3ee7430af329db9409"
x-goog-generation: 1682456617206016
x-goog-hash: crc32c=7unirQ==, md5=nTvxaF1Azj7nQwrzKduUCQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 2935
accept-ranges: bytes
expires: Tue, 07 May 2024 02:42:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 133ms
46ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 May 2024 02:10:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2778, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma: public
x-fb-debug: 2d87x761mxeRvMs90gQnek5TYbk7XrRQgDJ/OxPUd/FR94woRBegxHmkcxQU72UhNhYQN/svOHUr3XOyLC0VTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4711332.js Show response
js.hs-scripts.com/ 2 KB
1 KB 241ms
151ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4711332.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcdf21a6b494b8e5b51a129c4c4df142b084680ecff3adc04a6810e05d1aac29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1d1e8f57-55f8-49d6-acce-5dbd40e381c7
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1d1e8f57-55f8-49d6-acce-5dbd40e381c7
last-modified: Tue, 07 May 2024 00:01:59 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-zbwjr
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 87fdac676c9d39c2-FRA
expires: Tue, 07 May 2024 02:11:54 GMT

GET
H2 200 lftracker_v1_lAxoEaKkRdoaOYGd.js Show response
sc.lfeeder.com/ 31 KB
11 KB 214ms
49ms Script
application/javascript 2600:9000:2250:5800:4:d7e1:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_lAxoEaKkRdoaOYGd.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5800:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2a018dcccd2ebd4e0dee556e61a7fc5b4cbe8959477dd89b15cde3c86ba27fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Lw3QKXEqZTYOUu0kGFIxfKJPjS9lpiOe
content-encoding: gzip
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
date: Tue, 07 May 2024 02:10:24 GMT
last-modified: Thu, 08 Feb 2024 07:17:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1462
x-amz-server-side-encryption: AES256
etag: W/"b7248753316a6361ca118f61b20d6e2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: YdJw755-wIUYiiL3S5gWtBEp_BSpXnYiKT8dIZ8eEHgv6H29L_W7LA==

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 13 KB
5 KB 192ms
44ms Script
text/javascript 2600:9000:211e:1400:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=c6f72cd6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDRW9VH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1400:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff4a78009e4666bfc1d9df7459b4af5973a1203c293c3a6d63095224c972b912

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 01:32:59 GMT
content-encoding: gzip
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2246
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4625
last-modified: Fri, 03 May 2024 19:08:20 GMT
server: AmazonS3
etag: "7388071e3356c9dfd159b7713fefc925"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4mdBawlvFHskpX_hLOoulREpmDi28TEZOfIy-2HvSmACaxYj5WLPUw==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 270 KB
73 KB 185ms
40ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f790bb4c8aab0ba674aa0590ba1b0c29ddbd1ea3c6005491fafd343be6772dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 01:30:42 GMT
content-encoding: br
age: 2382
x-guploader-uploadid: ABPtcPpinjXujXcm37dcD2pR16hJEDVsXHBV3dXpAK_fn7sTLMT0HZk6djnKWl-YxBsrSX3Uwco
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74565
last-modified: Mon, 06 May 2024 14:27:39 GMT
server: UploadServer
etag: "4c5d1aaa6a2849a014e2b9ba869f3a6b"
vary: Accept-Encoding
x-goog-generation: 1715005659222125
x-goog-hash: crc32c=Qb22Nw==, md5=TF0aqmooSaAU4rm6hp86aw==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 74565
accept-ranges: bytes
expires: Tue, 07 May 2024 02:30:42 GMT

GET
H2 200 hjmgkrn6sn Show response
www.clarity.ms/tag/ 685 B
1 KB 391ms
235ms Script
application/x-javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hjmgkrn6sn
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d4c3a8a5b9872e14d78458960fe22e79537f60b9e0992dfe4a9c4af80cab53ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Tue, 07 May 2024 02:10:24 GMT
x-azure-ref: 20240507T021024Z-1675f5555886kzh4a3xdn6ngz400000000q0000000000bu6
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 685
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/4711332/cee40b47-c2e6-4906-b7ed-988fb760e6f7/ 57 KB
8 KB 234ms
183ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4711332/cee40b47-c2e6-4906-b7ed-988fb760e6f7/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff1ee92c25bee97807d0b75b86156196b636ac7a8d3ab55a277388bcab7fc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Tue, 07 May 2024 02:10:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 600702b3-329a-4bde-a6db-4b9d3453996d
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 600702b3-329a-4bde-a6db-4b9d3453996d
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 87fdac6749ce4528-TXL
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rcnzv

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 178ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4052YMBRRZ&gtm=45je4510v870990302z8812563043za200&_p=1715047823935&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=431862802.1715047824&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1715047824&sct=1&seg=0&dl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&dt=Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=995
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4052YMBRRZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.silverfort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 40ms
40ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 07 May 2024 02:10:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 15 Aug 2024 02:10:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 47ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1079516578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&ul=de-de&de=UTF-8&dt=Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=431902025&gjid=724445413&cid=431862802.1715047824&tid=UA-145009438-1&_gid=1898965227.1715047825&_r=1&_slc=1&gtm=45He4510n81TDRW9VHv812563043za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1444791927

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.silverfort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 54 KB
19 KB 42ms
42ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:11 GMT
content-encoding: gzip
age: 13
x-guploader-uploadid: ABPtcPp7mVW5u8TcSVKld7Exi_KXwONYgVogSVz4fw7C6HNKbTmioN8NWYodPlWNiPGtECWViU89Fsko7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18793
last-modified: Fri, 26 Apr 2024 20:55:25 GMT
server: UploadServer
etag: "699087d24603faf41a8ef844dd0c55d1"
vary: Accept-Encoding
x-goog-generation: 1714164925156474
x-goog-hash: crc32c=4oRQEw==, md5=aZCH0kYD+vQajvhE3QxV0Q==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18793
accept-ranges: bytes
expires: Tue, 07 May 2024 02:20:11 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D649297%26time%3D1715047824544%26url%3Dhttps%253A%252F%252Fwww.silverfort.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true&liSync=true&e_ipv6=AQKhMk0...

0
265 B

295ms
185ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true&liSync=true&e_ipv6=AQKhMk0hAug5xQAAAY9Q0P-3X2SNkH5xZkqikkx7Cske-9lqKbgYw2PBmGWkVZbwF0gnfOg
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0AD2314581B64A9FA126D83F0EBF8E59 Ref B: DUS30EDGE0818 Ref C: 2024-05-07T02:10:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYX07BrSocBu0CYb0ZU6Q==

Redirect headers

date: Tue, 07 May 2024 02:10:24 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 98724C62CF064045B6F6C72090D61AC7 Ref B: FRAEDGE1406 Ref C: 2024-05-07T02:10:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=649297&time=1715047824544&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&cookiesTest=true&liSync=true&e_ipv6=AQKhMk0hAug5xQAAAY9Q0P-3X2SNkH5xZkqikkx7Cske-9lqKbgYw2PBmGWkVZbwF0gnfOg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYX07Bmx/7xBOQ6jbNDjA==

GET
H2 200 t2_f40fbiwh_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 139ms
42ms XHR
application/json 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_f40fbiwh_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 148ms
41ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1715047824550&id=t2_f40fbiwh&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3cf9cfbe-5e24-455d-b0d9-930a1ade34c6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_3ba1cddf&dpm=&dpcc=&dprc=
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 modules.842bcec28f9fd12bb79e.js Show response
script.hotjar.com/ 221 KB
55 KB 140ms
44ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.842bcec28f9fd12bb79e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3289733.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

1d85a9a8a0c664f61a19377e5846769cce64d963e29001f56403926e63033f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 13:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 390318
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55872
last-modified: Thu, 02 May 2024 13:44:30 GMT
etag: "f27d2d9a453e162eec63180cf358c726"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TvsKcsD2H-Vn16DAKlE7YV8IUZapoR1E_bvKJk4epfxOE28ZADU15Q==

GET
H2 200 187044939.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 70ms
69ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187044939.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

78703497c391d3b52f4fd3404f4f54925e1f45f923ccf55035b7c01801ca9b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 07 May 2024 02:10:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0D0D07EF6D8F46CF9A55BB0F53035E48 Ref B: FRA31EDGE0222 Ref C: 2024-05-07T02:10:24Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 106ms
106ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187044939&tm=gtm002&Ver=2&mid=c8bd2edc-a920-4d5e-b0af-771d433dd9be&sid=f70f7ca00c1611ef81bc3f80026da483&vid=f70f86500c1611ef9af937ade4fa8d8d&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort&p=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&r=&lt=685&evt=pageLoad&sv=1&rn=59105

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 May 2024 02:10:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC34B4902FF74E15B5E966D32DADABF1 Ref B: FRA31EDGE0222 Ref C: 2024-05-07T02:10:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 152ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-145009438-1&cid=431862802.1715047824&jid=431902025&gjid=724445413&_gid=1898965227.1715047825&npa=1&_u=YADAAEAAAAAAACAAI~&z=731164466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 May 2024 02:10:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.silverfort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2473005616322330 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2473005616322330?v=2.9.155&r=stable&domain=www.silverfort.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16df2a51ca1cfc0a2169f0f6934813948b864bbd0589a5b58c0c0c8fa27119a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 May 2024 02:10:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=62, mss=1294, tbw=63321, tp=-1, tpl=-1, uplat=62, ullat=0
pragma: public
x-fb-debug: QMBoE35hMrjKrnwEZrDzDKTxWzCwhffADs06RV8pE0Hn7ta0WybxrogUBYFY3ESWF5Cul2rgoB9loIdzUNNcQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 187044939 Show response
www.clarity.ms/tag/uet/ 846 B
1 KB 144ms
130ms Script
application/x-javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187044939
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187044939.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eed41333a0a7886e0b3d45191e2769d69aab5321e37e91e51471c88a9106d40f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Tue, 07 May 2024 02:10:24 GMT
x-azure-ref: 20240507T021024Z-1675f5555886kzh4a3xdn6ngz400000000q0000000000bu7
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 846
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 4711332.js Show response
js.hs-banner.com/ 70 KB
18 KB 402ms
317ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/4711332.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74f8c559ca8f4a1f978a752ed616c18b92701dbca5a0cc21a4d1e5f8d6062627

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
x-amz-version-id: 34PVmzT51lzs2h2mC6qnW9V7cqEEWF1K
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: V9TNW1432ZVAE7YR
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3a94e23c-9dc1-47e9-86a0-7cc4c7250acb
x-envoy-upstream-service-time: 22
x-amz-id-2: zQSSuE3oChnlazEiod6meRn7rMeIQIvE8mVtj5A3Jxr+f64saI8C+En/iAlywVmDSBlX/ShjNjQ=
x-evy-trace-listener: listener_https
x-request-id: 3a94e23c-9dc1-47e9-86a0-7cc4c7250acb
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 29 Mar 2024 16:25:40 GMT
server: cloudflare
etag: W/"3b3e079ff66ad5dbcb06f93ac3df55d5"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.silverfort.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6dfb9475dd-sx8bv
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 87fdac693d741919-FRA
expires: Tue, 07 May 2024 02:15:25 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
25 KB 275ms
189ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8903e555bd60b3e66725a7316fa1c399c1c330b6f207dfbf294e287857d526c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1087/bundles/project.js&cfRay=87fdac693ddc9b8c-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"aca27b624bf30d36e5f4f145ae76704a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1087/bundles/project.js
date: Tue, 07 May 2024 02:10:24 GMT
x-amz-version-id: iqAR5gkkMAkFd.Z3L05RGWJk1d1nl__E
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 1f9e8e4d-1d39-4dc3-8c62-62172dbc4c6d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 34
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1f9e8e4d-1d39-4dc3-8c62-62172dbc4c6d
last-modified: Fri, 26 Apr 2024 11:14:32 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EUPlujUtVH5cPpGXdgtlWxRsAEJDkXI50RJ4RF%2BRLoHWpN5Kx4B7YJVes6cyCsFIniNj9hFE0fYzA2gZ71%2Bc9w%2FE5s6DcZgLy2vzWCWrQCuW9QKV9rLXIP2u9RWaQI5HsbC8f6cm9Mum2as"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7
cf-ray: 87fdac693ddc9b8c-FRA
x-amz-cf-id: cIc0wwqVXO-p4nzx-wRyEwyHI5t1JaPHZd7l5lrVLpK1oZrdvnLx2A==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 135ms
50ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da8f170c3865aeacd91c9b95531baec2b5dcd16174220092e3a3695ba6ef456

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
x-amz-version-id: .jnzEtgOd9S.y9u.IH0.Nidq3hy2M7RK
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 478
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.552/bundles/pixels-release.js&cfRay=87fda0b888d72c5e-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 9b9c07bc-667e-4a19-b8b6-cf1d5020ce43
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9b9c07bc-667e-4a19-b8b6-cf1d5020ce43
last-modified: Mon, 06 May 2024 13:51:07 UTC
server: cloudflare
etag: W/"eeced445dd619f5fac08890cddee2915"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-w988t
cf-ray: 87fdac693af21e53-FRA
x-amz-cf-id: RXFJtcotJsyrk5hZFgy35R0DUzo6x1OWylkoMgoP1stXqTA7MqV5Vw==
x-hs-target-asset: adsscriptloaderstatic/static-1.552/bundles/pixels-release.js

GET
H2 200 4711332.js Show response
js.hs-analytics.net/analytics/1715047800000/ 67 KB
21 KB 256ms
161ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1715047800000/4711332.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484e3314b6d01584a907a704ab20f69c8a7b0dd1db0b34fa049bc5401c445b2c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Z93X1E77AV08YGVC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f68f6837-23f6-4f16-892f-0d606a3bc7da
x-envoy-upstream-service-time: 18
x-amz-id-2: oLGFix16GWrIJ0q09scqgwrS8zrv6ptzKpgRRPDBmz/KxqsUbzDXL2dI7PAX9Kyooppts+rq6Ak=
x-evy-trace-listener: listener_https
x-request-id: f68f6837-23f6-4f16-892f-0d606a3bc7da
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 24 Apr 2024 18:19:02 GMT
server: cloudflare
etag: W/"d1773de32ef6802622cb9bc373c380de"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-mnr7x
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 87fdac694b325d93-FRA
expires: Tue, 07 May 2024 02:15:24 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
25 KB 141ms
54ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4711332.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156b381819247eb013bfd7ad6cd96fed291f0a1bfb55206c8e644bb42576c5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
x-amz-version-id: GvgLK8fwBknh5qjmyScH5OBLxCldU5fy
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 259
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16164/bundles/project.js&cfRay=87fda611d94391f6-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: fa83a3b3-5927-4c6e-8462-9dd1960349b8
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fa83a3b3-5927-4c6e-8462-9dd1960349b8
last-modified: Thu, 25 Apr 2024 15:01:14 UTC
server: cloudflare
etag: W/"62f54fd24c76f93ed036543b6c349661"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
cf-ray: 87fdac69abd99f19-FRA
x-amz-cf-id: 8wk2aweQ-7Qv_7cfllQxiSeR_U0SoF9jvtHzPf2eOi59rlYEyPnWpQ==
x-hs-target-asset: conversations-embed/static-1.16164/bundles/project.js

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
883 B 390ms
344ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b18f861e-178f-45ed-adbf-5cbd93b24588
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b18f861e-178f-45ed-adbf-5cbd93b24588
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 87fdac68cb9944fe-TXL

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 30 KB
30 KB 40ms
40ms Font
application/font-woff2 2a02:26f0:480:f::213:7ed1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/owl1fid.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.typekit.net/owl1fid.css
Origin: https://www.silverfort.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
server: nginx
etag: "a21f48c40e7bf9dfada3e63deed3f84d0cf8b79b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30440

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
884 B 389ms
346ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 244ca98d-8def-4209-bf8b-97f8610f8ad8
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 244ca98d-8def-4209-bf8b-97f8610f8ad8
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-9gk7d
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 87fdac695c7558de-TXL

GET
H2 200 c6f72cd6 Show response
settings.luckyorange.com/ 149 B
248 B 154ms
153ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/c6f72cd6
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: fa69a53942a2be0a90f3c783899afdcef6484bd89e3f32c355f4bb471164eda5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-lucky-referrer
Referer: https://www.silverfort.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.silverfort.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149

OPTIONS
H2 200 c6f72cd6
settings.luckyorange.com/ Frame 0
0 243ms
154ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/c6f72cd6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.silverfort.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 May 2024 02:10:24 GMT
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 129ms
41ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2473005616322330&ev=PageView&dl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&rl=&if=false&ts=1715047824745&sw=1600&sh=1200&v=2.9.155&r=stable&ec=0&o=4126&fbp=fb.1.1715047824744.2061175567&ler=empty&cdl=API_unavailable&it=1715047824622&coo=false&rqm=GET

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 May 2024 02:10:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 195ms
94ms Image
image/gif 18.66.112.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=lAxoEaKkRdoaOYGd&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTE0NTAwOTQzOC0xIl0sImdhTWVhc3VyZW1lbnRJZHMiOlsiRy00MDUyWU1CUlJaIl0sImdhQ2xpZW50SWRzIjpbIjQzMTg2MjgwMi4xNzE1MDQ3ODI0Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjIuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cuc2lsdmVyZm9ydC5jb20vYmxvZy91c2luZy1taXRtLXRvLWJ5cGFzcy1maWRvMi8iLCJwYWdlVGl0bGUiOiJVc2luZyBNSVRNIHRvIGJ5cGFzcyBGSURPMiBwaGlzaGluZy1yZXNpc3RhbnQgcHJvdGVjdGlvbiAtIFNpbHZlcmZvcnQiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6ImFhNWYxMDM1NzgxNGVmY2EiLCJzY3JpcHRJZCI6ImxBeG9FYUtrUmRvYU9ZR2QiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjhiMDU2ODQ3YjgwZjdkNTguMTcxNTA0NzgyNDc0NyIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJvbl9zY3JpcHRfbG9hZCJ9
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-30.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: NMbSL9TQqvPGE3CsuAmh8PgbMD4WnIBRqU-5Gk0saODBxcdwAVLoeQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 129ms
48ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-145009438-1&cid=431862802.1715047824&jid=431902025&npa=1&_u=YADAAEAAAAAAACAAI~&z=668521806

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 100ms
51ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-145009438-1&cid=431862802.1715047824&jid=431902025&npa=1&_u=YADAAEAAAAAAACAAI~&z=668521806

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1MNAX9-na1/v1/ 5 KB
2 KB 235ms
234ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1MNAX9-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6a02b0be8edb24cf8291d277df9300321fc83ca0f0aebce35968c9e7eb97da30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrrm5GxqzZXTjKc0OQYsgq_iXu4RAxPcJiI2f4iQmiflffzO1dH4s5QHOxoP5lqLRE2UqPKKEZtKA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1425
last-modified: Tue, 07 May 2024 02:10:03 GMT
server: UploadServer
etag: "d3d9081b3dd654e08d9e1ed2334aa08c"
x-goog-generation: 1715047802988633
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=2Aql1A==, md5=09kIGz3WVOCNnh7SM0qgjA==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1425
accept-ranges: bytes
expires: Tue, 07 May 2024 02:25:24 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 82ms
81ms Script
application/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187044939
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:24 GMT
content-encoding: br
last-modified: Wed, 01 May 2024 11:24:58 GMT
etag: W/"0x8DC69D155BAD85E"
vary: Accept-Encoding
x-azure-ref: 20240507T021024Z-1675f5555886kzh4a3xdn6ngz400000000q0000000000bu9
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c4a74137-101e-0065-0972-9e809f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 206ms
206ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4711332&conversations-embed=static-1.16164&mobile=false&messagesUtk=914b2ed1c967468ba91c81aeeca4f7ce&traceId=914b2ed1c967468ba91c81aeeca4f7ce

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1063b9bc807c19566f1e78df05ceead7b5236032d7d66c9cd47f44e194668d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 65b0b82e-fe4a-4f42-93e2-3cd3ed0d3280
x-envoy-upstream-service-time: 48
content-length: 1346
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 65b0b82e-fe4a-4f42-93e2-3cd3ed0d3280
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-sxctz
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3keglINGCoX2P2Q46WaoodngRLZMCgfPrMiqqygPCECEBg3USTbg3ip2HUUr%2BwiijFQ20YPc%2BmahvI2Z6O4DVx%2FvDNKqp2dV%2BCJeViwb114YGSPtCmUeJpWUEl9Dc9QUasPJlQHwIgNsxX40w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 87fdac6b4ea39b8c-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 157ms
157ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.silverfort.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 87fdac6a4e4b9b8c-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 07 May 2024 02:10:25 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=89xEbnAANoZl5kr7nB8Sh674emg0Z1oOqQDqIwKrXvatpBfwoNKB5VxiGeXcgkZRxR4Uof7cbfffI%2F46558%2Fa8Ftx5%2FUEB3TBvV1NKZiJSRcYNdnuK94JzfCSCeJQVrz4PJTtR8l3a2kDZI1ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-ltnlz
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2389a2fa-54f0-402e-b890-50c715b29988
x-request-id: 2389a2fa-54f0-402e-b890-50c715b29988

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 433 B
1 KB 207ms
206ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=4711332&currentUrl=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0f534d0c-6614-41f5-8702-5003a7a97f6f
content-encoding: br
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0f534d0c-6614-41f5-8702-5003a7a97f6f
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.silverfort.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TzgqypLzFX273Idg7nZvGWLLJMUaGYi4pL7yW9baq55VfgAjCTfEvJjUkv8zu2AyEOSGBxDEajggB3DE9e55PNKtoSYT3qAYpqq%2FrwgGgex1sKYnr4inmfp06DCXsPPBbjuuiySyXKTv1nGpkBnvGUSfw172LIHvG4%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 87fdac6a7e5a9b8c-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rbtjd

GET
H2 200 6si.min.js Show response
j.6sc.co/ 65 KB
18 KB 49ms
49ms Script
application/javascript 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/e22665ed-7c2a-460c-8f99-893f904fa3a9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

95ef911fcf12dfe0a1fb5b17a3b24fa81c6b07b102b435949b06e7e124de51cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Apr 2024 23:17:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "662ae46d-10585"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17942
expires: Tue, 07 May 2024 02:10:25 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
298 B 669ms
398ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.silverfort.com
Date: Tue, 07 May 2024 02:10:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
755 B 265ms
163ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: fa7ac447f1e5fd653b0748002d219a1ffb3e2f4da064f692b02a691e6c1d6f92

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.silverfort.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 563

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
701 B 163ms
47ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
an-x-request-uuid: 70efee91-7833-4e50-b28b-a9a8e40a4629
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.silverfort.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.118; 80.255.7.118; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
195 B 81ms
49ms XHR
text/html 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.silverfort.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 19 B
309 B 190ms
40ms XHR
text/html 2a02:26f0:480:23::1726:62a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ae1e4f7a09a58b0e8f9f3a0ae0e3e89186ca858e5cdcf31e9405b1cc826bede5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.silverfort.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:93::6
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1715047825182_388391911_3413140_21_726_38_79_219";dur=1
content-length: 19
expires: Tue, 07 May 2024 02:10:25 GMT

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner-public/v1/ 2 B
145 B 131ms
48ms Fetch
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 87fdac6bbca89c01-FRA
content-length: 2

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
580 B 166ms
165ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 61cdb6f1-dd45-4276-9553-6dbad50eed1e
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 61cdb6f1-dd45-4276-9553-6dbad50eed1e
last-modified: Tue, 07 May 2024 02:10:25 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-jwqn2
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 87fdac6bc84458de-TXL

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 725 B
709 B 236ms
157ms XHR
application/json 3.125.10.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.10.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-10-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Token 548a93e6fcc57c9d1cbd13cee9fbe02c27693bdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-6s-CustomID: WebTag e22665ed-7c2a-460c-8f99-893f904fa3a9
Referer: https://www.silverfort.com/
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 8415051612424601248
date: Tue, 07 May 2024 02:10:25 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 144ms
44ms Preflight 3.125.10.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.10.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-10-216.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Tue, 07 May 2024 02:10:25 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 5938051637144185302

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 181ms
147ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:25 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 180ms
146ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%226bb0cfb595fd03cafda0442c9d89543c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22548a93e6fcc57c9d1cbd13cee9fbe02c27693bdc%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e22665ed-7c2a-460c-8f99-893f904fa3a9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:25 GMT

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 137ms
136ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 87fdac6c0cd19c01-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 07 May 2024 02:10:25 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 1
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 82e0b21a-a04b-4a6e-bfc7-f65b59055a9d
x-request-id: 82e0b21a-a04b-4a6e-bfc7-f65b59055a9d

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
174 B 151ms
150ms XHR
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/4711332.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f7f1e1f2-65b8-414a-9104-29a8c3029194
x-envoy-upstream-service-time: 15
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f7f1e1f2-65b8-414a-9104-29a8c3029194
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.silverfort.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 87fdac6ced799c01-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 322ms
313ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A93%3A%3A6%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:25 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 16 KB
16 KB 167ms
167ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=o-1MNAX9-na1
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b8853b94d509d7d8c52eb89933a7bf62d5eef8237ec44dc7357a5d1dfe7d421c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H2 200 914b2ed1c967468ba91c81aeeca4f7ce
app.hubspot.com/conversations-visitor/4711332/threads/utk/ Frame 0420 0
0 259ms
171ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4711332/threads/utk/914b2ed1c967468ba91c81aeeca4f7ce?uuid=107748ea771044019e34c55d039ef6f6&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=silverfort.com&inApp53=false&messagesUtk=914b2ed1c967468ba91c81aeeca4f7ce&url=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.silverfort.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
age: 387
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 87fdac6d2df4973a-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18616/html/index.html&cfRay=87fdac6d2df4973a&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4711332%2Fthreads%2Futk%2F914b2ed1c967468ba91c81aeeca4f7ce%3Fuuid%3D107748ea771044019e34c55d039ef6f6%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dsilverfort.com%26inApp53%3Dfalse%26messagesUtk%3D914b2ed1c967468ba91c81aeeca4f7ce%26url%3Dhttps%253A%252F%252Fwww.silverfort.com%252Fblog%252Fusing-mitm-to-bypass-fido2%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.silverfort.com%2F&cfenv=prod&pdt=2024-05-07&csp=ro
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 02:10:25 GMT
etag: W/"fe713fbe44a0deddd2e87f2e023919eb"
last-modified: Thu, 25 Apr 2024 15:01:14 UTC
origin-trial: Aqk2Dm2ZNOeMxifFm26pJzN4DTOHc1z7UYEx7QaWtHTVqsFhooI36f0r5tbw602aKbEI4WJ0fgx7+KHwlyi4HwwAAABceyJvcmlnaW4iOiJodHRwczovL2h1YnNwb3QuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=87fdac6d2df4973a&resource=conversations-visitor-ui/static-1.18616/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-amz-cf-id: hkCabH3tCPxKivOyBGVe4YT4TgtmnZYtSA9Eg_1DWmfGHMkrAJAW2w==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: _K5mn4P9p47gXw3WAZ5_G8OZVLZ9sXnh
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 6
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.18616/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: bf429135-d077-482f-bd1f-26d016e7d142
x-request-id: bf429135-d077-482f-bd1f-26d016e7d142

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 43 KB
12 KB 85ms
42ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=o-1MNAX9-na1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 01:42:47 GMT
content-encoding: gzip
age: 1658
x-guploader-uploadid: ABPtcPo_WewXkEIAmKHfhkDWH0B6iYSsKaQfJaBb2XC3rEWSrg9wpB4bMLIDCviDqa6yyp5jUn-TadPg6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11986
last-modified: Tue, 09 Apr 2024 19:11:10 GMT
server: UploadServer
etag: "dbb9be044fdb87bb792eb7b0b848a857"
x-goog-generation: 1712689870542441
x-goog-hash: crc32c=StVZlg==, md5=27m+BE/bh7t5LrewuEioVw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11986
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 May 2024 02:42:47 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 186ms
186ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.silverfort.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D7A8E47CE4CC442F8A5F2389DCD6E5DA Ref B: FRAEDGE1406 Ref C: 2024-05-07T02:10:25Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.silverfort.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYX07BuKEWEZHX/yrKx7w==

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 111ms
60ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4af0b01450048bffd9bb79f9ab3f23695ce50aca800091d3394d69096ca45d6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:26 GMT
x-amz-version-id: El0g.RnAqJPwnFJdxj37HBOCbk.jq3Sb
via: 1.1 9f9a9459e41ff1f18971fa1adf6eb202.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: TXL50-P5
age: 81693
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 May 2024 10:12:33 GMT
server: cloudflare
etag: W/"8c204aa84fdf9cdf3edc033589ee81ca"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 87fdac70be95aca7-TXL
x-amz-cf-id: x98V_L2u8hNjcWRvxXox-GIbKbA7Rmn2_xNabLGGBG8FvL2fRFB02w==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=08B918BE7A314CDD85BD2C7FD8CFDFCF&RedC=c.clarity.ms&MXFR=2C36C656DFF56AB913B5D22EDBF5646C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08B918BE7A314CDD85BD2C7FD8CFDFCF&MUID=2502F32BE92B6322318BE753E8A062B6

42 B
441 B

56ms
55ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08B918BE7A314CDD85BD2C7FD8CFDFCF&MUID=2502F32BE92B6322318BE753E8A062B6
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.silverfort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60311E447E864A20B78DD439D9A9B132 Ref B: FRA31EDGE0222 Ref C: 2024-05-07T02:10:26Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08B918BE7A314CDD85BD2C7FD8CFDFCF&MUID=2502F32BE92B6322318BE753E8A062B6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
939 B 238ms
155ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=4711332&rcu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&t=Using+MITM+to+bypass+FIDO2+phishing-resistant+protection+-+Silverfort&cts=1715047825969&vi=afb59ab925c923c630d3e1edb017dead&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e2057838-084e-4bc0-9e56-24ef46bcdf3f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e2057838-084e-4bc0-9e56-24ef46bcdf3f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKi7OV%2BQCWHSnQ3LkjJbJzWdHeDkrZPos%2BTbx8Bmw1%2BdU5gE4usdQQsLLlN%2F0PfAmNMIQvaunrS882tCVGpMC89IYzeZEtwFJA9QfGHD%2Bc1XDOlEEIn%2BJ6e8fcYgJI3iJVVrRoEvR%2FKWqPRGoNT7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-hch7x
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 87fdac70fa0d68fe-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
437 B 245ms
166ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=cee40b47-c2e6-4906-b7ed-988fb760e6f7&fci=3c478aab-2033-4d01-ad79-a786d357baf2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=4711332&rcu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&t=Using+MITM+to+bypass+FIDO2+phishing-resistant+protection+-+Silverfort&cts=1715047825971&vi=afb59ab925c923c630d3e1edb017dead&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 01600f05-ee98-4222-8494-226fa6c8a4eb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 01600f05-ee98-4222-8494-226fa6c8a4eb
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gy13HPRmZVMwdgr%2Fncud0zbP5dOURJ6OiVuhBvKt5tSPHK879y2UuAjtpJSBTvRIFEZuzHYpROFdLhisE%2Bhvxjq6VdwxfU%2Bc2SLUtlMwz1SPWQbP4zj99zK98igeM2bCl1kBp85Ra3%2B30KY9ozc2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-2nptj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 87fdac70fa0e68fe-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
439 B 241ms
163ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=cee40b47-c2e6-4906-b7ed-988fb760e6f7&fci=3c478aab-2033-4d01-ad79-a786d357baf2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=4711332&rcu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pu=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&t=Using+MITM+to+bypass+FIDO2+phishing-resistant+protection+-+Silverfort&cts=1715047825971&vi=afb59ab925c923c630d3e1edb017dead&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d50f7f39-a8df-4309-b638-64282b322184
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d50f7f39-a8df-4309-b638-64282b322184
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lRPVZbrBx8mqukNsdgyZr57ZdI9VdIZa7EVCT8PDf9jr8vdCApUFSyLIWGb%2BMqgmuCs9yjKEQlqo7MVhQQjbx4olslXbxb4%2FzP3y3PLLx1NseORETS%2BEBjsJLkByoHvoMziWRYVMuf7MQAdEZJR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-fsl8l
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 87fdac70fa1068fe-FRA
x-robots-tag: none

GET
H3 200 sf-favicon.svg
www.silverfort.com/wp-content/uploads/2022/05/ 970 B
916 B 58ms
58ms Other
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.silverfort.com/wp-content/uploads/2022/05/sf-favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

822007f1ee0b2b03bbe20ffe8b9a70f67e0a90db5f96ebff323e03cdd9d5dfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 364306
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 04 May 2022 13:15:00 GMT
server: cloudflare
etag: W/"62727c54-3ca"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: autoplay=*, camera=(self) , cross-origin-isolated=*, display-capture=(self), document-domain=*, encrypted-media=*, geolocation=*, keyboard-map=*, microphone=(self), payment=(self), sync-xhr=*, fullscreen=(self)
cf-ray: 87fdac708e9958e4-TXL

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 153 B
524 B 484ms
484ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ce5b835dd3601f2c770009462c96a7a5167c3d935001592a700818a1de37830d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 2c5f54c77f1686749533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.silverfort.com/
visited_url: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Response headers

date: Tue, 07 May 2024 02:10:27 GMT
via: 1.1 9f9a9459e41ff1f18971fa1adf6eb202.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P5
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: XYMPAhjfPHcEMag=
server: cloudflare
etag: W/"99-lQfyaRuHSHMm1NxCbY7bstXuBOE"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 87fdac746ab04534-TXL
x-amz-cf-id: 2OxsKoJfxuGLvtuvGROwb1VorAv1wU-NQGXqJMOrkxzEZLWrK9ZM-A==

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 526ms
482ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: XYMO8iKPvHcEMlg=
cf-cache-status: DYNAMIC
cf-ray: 87fdac716eb64534-TXL
date: Tue, 07 May 2024 02:10:26 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 9f9a9459e41ff1f18971fa1adf6eb202.cloudfront.net (CloudFront)
x-amz-cf-id: ee9rrz4WA0cL4Ofg_eR0jmxkWW27xmVAqjq4gftk6-gYW3LjsBvBAg==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 138ms
138ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A26%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A25%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:26 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
298 B 126ms
126ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.silverfort.com
Date: Tue, 07 May 2024 02:10:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 89 KB
27 KB 192ms
140ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 564
x-guploader-uploadid: ABPtcPpizhObeTpOIQf8HSTXOE0m3gff0uRIWT04oNjUUq4d2cD5FmHGSgOJ_-R-ax21kvURvvK1Cg_oXg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Apr 2024 11:22:28 GMT
server: cloudflare
etag: W/"d3b4774a46d8fd50ce9d458b28ae8ef3"
x-goog-hash: crc32c=Su6fug==, md5=07R3SkbY/VDOnUWLKK6O8w==
x-goog-generation: 1713352947933858
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91541
cf-ray: 87fdac77c9bd4541-TXL
expires: Tue, 07 May 2024 03:01:03 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 138ms
138ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A26%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:27 GMT

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 259ms
208ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.silverfort.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.silverfort.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87fdac794cde4510-TXL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 02:10:27 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 4 KB
1 KB 238ms
195ms Fetch
application/json 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: www.silverfort.com
URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

596c1cd916d6b3d947fcec51275edb8404e8c5ac386b18fe2cbf9f8e3439206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 1a1809918fedd90227e6a195226cad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.silverfort.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"e72-ZTdC4/uoAu3hfmo9IvD3OfycFq0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.silverfort.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 87fdac7ae8b84516-TXL

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 345ms
303ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=o-1MNAX9-na1&UserId=acfb152d-d273-40b0-907a-9b3e550f5738&SessionId=ce06a88e-164f-475d-a6a2-4dbe977f4bd9&PageId=4ba24ae2-66f8-4f44-8501-e0f4e8ceef3a&Seq=1&ClientTime=1715047827901&PageStart=1715047825350&PrevBundleTime=0&LastActivity=2363&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 283cbf444d750797ce17071bcbb02a60342bd1ec42e26e5f70ec0b05bc9deae4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.silverfort.com
date: Tue, 07 May 2024 02:10:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 153ms
153ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A28%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A27%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:28 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 139ms
138ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A28%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:29 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 164ms
73ms XHR
application/json 130.211.34.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1715047829608

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 07 May 2024 02:10:29 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.silverfort.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 21
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 139ms
138ms Image
image/gif 2.19.96.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6bb0cfb595fd03cafda0442c9d89543c&svisitor=null&visitor=371fff04-eebd-4847-82c8-42b48b8b3930&session=21dd4e3a-3c54-425f-8834-bb34944ec1cf&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20May%202024%2002%3A10%3A29%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20Senior%20Security%20Researcher%20Dor%20Segal%20will%20take%20you%20through%20his%20research%20uncovering%20how%20to%20use%20MITM%20attacks%20to%20bypass%20FIDO2.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Using%20MITM%20to%20bypass%20FIDO2%20phishing-resistant%20protection%20-%20Silverfort%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.silverfort.com%2Fblog%2Fusing-mitm-to-bypass-fido2%2F&pageViewId=ef55ac9e-3ab7-4dc7-8443-2270df0275cc&an_uid=0&webTagId=e22665ed-7c2a-460c-8f99-893f904fa3a9&v=1.1.18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-153.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.silverfort.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 07 May 2024 02:10:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 07 May 2024 02:10:30 GMT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.silverfort.com/	1970-01-20 20:24:09	Name: __cf_bm Value: 3FqEW3MrX4ut.CgUU_S7ou72bzaK7ImPOvcKWQ2NehM-1715047823-1.0.1.1-ER88p3sSgAB6zYmsovcJJk5YRZKYDeeRvo1zst_YGQjKznH0j7WhH8tsJd9AejsUHadkHoIWa6v1iEZPuexKqw
.hsforms.net/	1970-01-20 20:24:09	Name: __cf_bm Value: qZyFwtKKRg5E3gkHoh8VVIipY8IChz4zqMx7MJeDZpc-1715047824-1.0.1.1-9Z7JFeVJN1Os_JpUBsPGELAFykKxRVLkLZe1Pcbd2W.IBoeXWtZ6NAe0ly3gvVyP1ESk0QLFCtbViW3Oy.C1dQ
.silverfort.com/	1970-01-20 22:33:43	Name: _gcl_au Value: 1.1.1739193172.1715047824
.silverfort.com/	1970-01-21 06:00:07	Name: _ga_4052YMBRRZ Value: GS1.1.1715047824.1.0.1715047824.0.0.0
.silverfort.com/	1970-01-21 06:00:07	Name: _ga Value: GA1.2.431862802.1715047824
.silverfort.com/	1970-01-20 20:25:34	Name: _gid Value: GA1.2.1898965227.1715047825
.silverfort.com/	1970-01-20 20:24:07	Name: _gat_UA-145009438-1 Value: 1
.silverfort.com/	1970-01-20 22:33:43	Name: _rdt_uuid Value: 1715047824546.3cf9cfbe-5e24-455d-b0d9-930a1ade34c6
.silverfort.com/	1970-01-20 20:25:34	Name: _uetsid Value: f70f7ca00c1611ef81bc3f80026da483
.silverfort.com/	1970-01-21 05:45:43	Name: _uetvid Value: f70f86500c1611ef9af937ade4fa8d8d
.silverfort.com/	1970-01-21 05:09:43	Name: mp_2b4b70b0998bc533b02aea02ccfb5e95_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f50d0fce0450-088705606fba27-26001d51-1d4c00-18f50d0fce0450%22%2C%22%24device_id%22%3A%20%2218f50d0fce0450-088705606fba27-26001d51-1d4c00-18f50d0fce0450%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.bing.com/	1970-01-21 05:45:43	Name: MUID Value: 2502F32BE92B6322318BE753E8A062B6
.silverfort.com/	1970-01-20 22:33:43	Name: _fbp Value: fb.1.1715047824744.2061175567
.silverfort.com/	1970-01-21 05:09:43	Name: _lfa Value: LF1.1.8b056847b80f7d58.1715047824747
.silverfort.com/	1970-01-21 05:09:43	Name: _hjSessionUser_3289733 Value: eyJpZCI6Ijg4MDE0MmY0LTJlMzItNTkxNS05OTNjLTY1N2IxMGY2NDQzMyIsImNyZWF0ZWQiOjE3MTUwNDc4MjQ4MTYsImV4aXN0aW5nIjpmYWxzZX0=
.silverfort.com/	1970-01-20 20:24:09	Name: _hjSession_3289733 Value: eyJpZCI6IjVhNTg3YWUyLWRiYTEtNGIwOS1iNTJkLTBlY2ZiMDljZjhmMCIsImMiOjE3MTUwNDc4MjQ4MTcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.linkedin.com/	1970-01-20 22:33:43	Name: li_sugr Value: 39b55dc4-29e7-4e2d-8801-5edbc9449228
.linkedin.com/	1970-01-21 05:09:43	Name: bcookie Value: "v=2&194129e8-53b9-4a3c-891f-85f5994568b5"
.linkedin.com/	1970-01-20 20:25:34	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3188:u=1:x=1:i=1715047824:t=1715134224:v=2:sig=AQEC6sGFY4F9pxLGdPUED_eFeuZSj6Ft"
www.clarity.ms/	1970-01-21 05:09:43	Name: CLID Value: 463197fb9eb74b3ba168746d34a82f71.20240507.20250507
.silverfort.com/	1970-01-21 05:09:43	Name: _clck Value: 1n51ceq%7C2%7Cflk%7C0%7C1588
.linkedin.com/	1970-01-20 21:07:19	Name: UserMatchHistory Value: AQJFJLW8zdd2zQAAAY9Q0P5BDeEt3Mh0-INFvNP9wDKawbykAsgrr_G9yiJrVoYVSJRNDV2UT1fyJw
.linkedin.com/	1970-01-20 21:07:19	Name: AnalyticsSyncHistory Value: AQJ68W1GnIcKPgAAAY9Q0P5BpzuFv1QVhzVy6vsBDfipN76P1Rm57_oWrNtvtCc9iyhKQIpG4XOLmq_seknC_A
.hsforms.com/	1970-01-20 20:24:09	Name: __cf_bm Value: dB.AKz7To9DGzK_8MRd5PCKq_h9zRpKtmUfth1gGBqM-1715047825-1.0.1.1-sRbnVvX_ZFShDOOkv57jxdG3bVH1tAKDdG_.taMEnbEiDUE19tfOqXNlr.CPIcwS582o3yJ46kl_qBbq2bQ5Og
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: gXxkkVo9blE78Dib_Rg7WbpZrT6Obb1SsZ6BgIJpUKs-1715047825164-0.0.1.1-604800000
.www.linkedin.com/	1970-01-21 05:09:43	Name: bscookie Value: "v=1&20240507021025190739d6-f611-45a2-8a1b-d6a363d7d759AQEBV4cedZPRdlbL66cFa48DTgPBeAdl"
.linkedin.com/	1970-01-21 00:43:19	Name: li_gc Value: MTswOzE3MTUwNDc4MjU7MjswMjExZzJKrs/G7twQUY4pwHbg8Ldew+Sj4YjQ7ZmrKcR84w==
.adnxs.com/	1970-01-21 06:00:07	Name: receive-cookie-deprecation Value: 1
www.silverfort.com/	1970-01-20 20:34:12	Name: _an_uid Value: 0
www.silverfort.com/	1970-01-21 06:00:07	Name: _gd_visitor Value: 371fff04-eebd-4847-82c8-42b48b8b3930
www.silverfort.com/	1970-01-20 20:24:22	Name: _gd_session Value: 21dd4e3a-3c54-425f-8834-bb34944ec1cf
.silverfort.com/	1970-01-20 20:24:09	Name: fs_lua Value: 1.1715047825348
.silverfort.com/	1970-01-21 05:09:43	Name: fs_uid Value: #o-1MNAX9-na1#acfb152d-d273-40b0-907a-9b3e550f5738:ce06a88e-164f-475d-a6a2-4dbe977f4bd9:1715047825348::1#/1746583826
.silverfort.com/	1970-01-20 20:25:34	Name: _clsk Value: r218tl%7C1715047825708%7C1%7C1%7Cu.clarity.ms%2Fcollect
.silverfort.com/	1970-01-21 00:43:19	Name: messagesUtk Value: 914b2ed1c967468ba91c81aeeca4f7ce
.hubspot.com/	1970-01-20 20:24:09	Name: __cf_bm Value: ZBujjKd8pUbkBbguKtjKdioG8F8xegVoiyXxynLGJuI-1715047826-1.0.1.1-jWYOOIl6dBnawsPS1GOkiKsB9KGzrpaPdzWAXBt_jd4G6jxrWazS8YFitbXL3XX1avxVlDxnaTF.3BIUX5hz5w
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0joDGIN2yQ4wGoSa1uaBWAuKYmQ575lgHsnyg.nBQzs-1715047826142-0.0.1.1-604800000
.c.bing.com/	1970-01-20 20:34:12	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:45:43	Name: SRM_B Value: 2502F32BE92B6322318BE753E8A062B6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:45:43	Name: MUID Value: 2502F32BE92B6322318BE753E8A062B6
.c.clarity.ms/	1970-01-20 20:34:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:24:08	Name: ANONCHK Value: 0
.www.silverfort.com/	1970-01-21 05:09:43	Name: _zitok Value: bf2265fa10f467be627b1715047826
.zoominfo.com/	1970-01-20 20:24:09	Name: __cf_bm Value: by5exg9X9pL_O4Uw0wE2XIukwtRDlF1bPrm_4FqfThc-1715047827-1.0.1.1-6Tz1gF4xAM95TYWsfj6Tc8LqxfyvCVB.hB3XzVulrTDLw90MIj92ttjLNghiBQCx24I3hQkLuWQS_LYKjvypxQ
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 7XiKG9yO2TS4usQxa4bm41GPURGwdssqbk8EnrS_.aA-1715047827264-0.0.1.1-604800000

81 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/2473005616322330?v=2.9.155&r=stable&domain=www.silverfort.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.silverfort.com/blog/using-mitm-to-bypass-fido2/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
api-js.mixpanel.com
api.hubspot.com
app.hubspot.com
b.6sc.co
bat.bing.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.mxpnl.com
cdnjs.cloudflare.com
client-registry.mutinycdn.com
connect.facebook.net
cta-service-cms2.hubspot.com
edge.fullstory.com
embed.interactivecalculator.com
epsilon.6sense.com
fonts.googleapis.com
forms-na1.hsforms.com
forms.hsforms.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hubspot.com
js.usemessages.com
js.zi-scripts.com
munchkin.marketo.net
p.typekit.net
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rs.fullstory.com
sc.lfeeder.com
script.hotjar.com
secure.adnxs.com
settings.luckyorange.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
tools.luckyorange.com
tr.lfeeder.com
track.hubspot.com
u.clarity.ms
unpkg.com
use.typekit.net
ws-assets.zoominfo.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.silverfort.com
www.youtube.com
104.102.38.132
104.16.117.43
104.17.25.14
104.18.141.119
104.18.80.204
13.107.42.14
13.32.27.19
130.211.34.183
141.193.213.20
142.250.184.228
151.101.1.140
151.101.65.91
172.64.150.44
18.66.102.11
18.66.112.30
185.89.210.212
2.19.96.153
2001:4860:4802:32::36
216.58.206.67
2600:1901:0:bc29::
2600:9000:211e:1400:18:6c16:27c0:93a1
2600:9000:223f:b200:18:4dfd:7240:93a1
2600:9000:2250:5800:4:d7e1:700:93a1
2606:4700:4400::ac40:991b
2606:4700::6810:4e8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6811:f8cb
2620:1ec:21::14
2620:1ec:46::67
2620:1ec:c11::237
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a02:26f0:480:23::1726:62a7
2a02:26f0:480:f::213:7ed1
2a02:26f0:480:f::213:7edb
2a02:26f0:480:f::213:7edd
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::396
3.125.10.216
34.107.203.234
35.186.194.58
35.201.112.186
4.227.249.197
68.219.88.97
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
08641f81a1cad2dd12587dda89aada31d41b0cd118a7f36f49d8ad35c73a24e2
0b4f6072ed35d49e569a622580032c9e3f2c22b068a4d18bf867e82f10c0f77d
0d562a162d1808daeb31483332fd804d96d8a5ffc5f9998a7605c7f6fe12ffbb
0e2088bbe79e60715b8ea7be7665905ec26d224d243496576ad25a6eb9e6b5f4
0f790bb4c8aab0ba674aa0590ba1b0c29ddbd1ea3c6005491fafd343be6772dd
0fea224918286372880968666830eac937a5606b2599a3542f408d60d66c7d96
100cc029535a3be566618b073bb9815fea13ea722b029fd858b3a466396d50f5
1063b9bc807c19566f1e78df05ceead7b5236032d7d66c9cd47f44e194668d74
141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a
1442bd1e775db156e5e8dfdac18d3363e323fe5dcaa648224124fb898b97b441
14b8d22e31a2bd97f7a47cecc9e22abe6a70ddc3a33c205af5287145861e62dd
156b381819247eb013bfd7ad6cd96fed291f0a1bfb55206c8e644bb42576c5c7
1611e9febfc2c5a924ea7d5a124825e67902cee3b4288c5020a059e081c725a3
16df2a51ca1cfc0a2169f0f6934813948b864bbd0589a5b58c0c0c8fa27119a1
17d79bd57963e613104e36acc3557b916f995b40a26978aea5b3e339f714bae6
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c64c14fa68916dba409ddf0e38ca5dc8bd262b959a5814ecb6667096b35efa5
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1d85a9a8a0c664f61a19377e5846769cce64d963e29001f56403926e63033f31
1da8f170c3865aeacd91c9b95531baec2b5dcd16174220092e3a3695ba6ef456
21826e531e656e94ed03199882cdc37f4af9946aeed1a3f63c1e9218ae8142f5
258686c2fa79c237191fa2c326ca776cb408726eaafeac2babda7ca175c430fe
26fb7924002a4374b9ac7f10df7ef2027a7af2c271604dcdd4d3c97f75abf89c
283cbf444d750797ce17071bcbb02a60342bd1ec42e26e5f70ec0b05bc9deae4
2eb1e3899477e39c0e5de2336778167814e5df5aed883f2d0503eef27682d061
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
333ce4aa2e95b8315e5de6da461164554399f77d44ea94b4cba378c8df8c1065
37720dbcab5427116c276e8b750bb4a7da41a7d3d5662ccdf92a3fee530fc28d
38e9ade7cb9f7a31a4525f2a70c4bdd2529340926202641bbbda8d655df8c0c3
38f8206d84ed8658e4f4fee5a71d757d475b03767e5e7eb1e7cb770f6ab2cd3e
3a3fcee601e829af094ce197af4a7e839296ac3a944dd8f6673997586c57a385
3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f
3cca5cf5bfa14b32647fc12c6e52b050c2504f12794184725a74f49fe68e84d9
3ee78165676c8fd7079050f30ee808faab2dd707ddd8ebbcdea2943853d1fda5
46b5a8e3460a7ec8fe6043ade762bc40d18735c3db77a68e4bead56b3de7f355
484e3314b6d01584a907a704ab20f69c8a7b0dd1db0b34fa049bc5401c445b2c
4ff1ee92c25bee97807d0b75b86156196b636ac7a8d3ab55a277388bcab7fc0b
514fe49518da7f9010183ba6b83a8655bb93041d9de86cb22565a419836225c6
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a
57ff88bcf73a9a1211529bbab1275b88f0a645549b655fdcec74666feb1aaa3d
581f3f804bf3ae2c8cd5505539a41bfbc043704513283283769e9eed49797e13
596c1cd916d6b3d947fcec51275edb8404e8c5ac386b18fe2cbf9f8e3439206e
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5ccbbbd7bfaa69922db78b5327050dbb741aacef0557cd715472b815141c3d6e
5d6346e978f8214288a06312ff6006113d1ef96be66755c67b00d4b24490edd4
5e6f3987e72cefef4a63462c2f40066c64d51ecbabc1f357c32bc573cbcb1c4c
6004cc3ebe58ae4014aff5bafabee6510527938fb5005c127c55f14ba1f860fc
6343c092123772a2e0d5ae9ec4b4372693390388ede4937b2556e28ab475122d
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
693536d3b81f85a299e9366761047ca164057eaaaa6b17ff1b9effd072a56131
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
699713f69dbd2387b7c3b57204bcdc3d86d3ac350718a7ad65a5293e0d2c53eb
6a02b0be8edb24cf8291d277df9300321fc83ca0f0aebce35968c9e7eb97da30
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
74f8c559ca8f4a1f978a752ed616c18b92701dbca5a0cc21a4d1e5f8d6062627
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
78703497c391d3b52f4fd3404f4f54925e1f45f923ccf55035b7c01801ca9b69
7a1e3841a248b8799e00d97ad488aeb8fda77869b673e64608e9b53d6fad24ff
7f5f8d611f98a4907e7b88ae386c286a2a7407a4b3f01b628fa158c2ba9025da
822007f1ee0b2b03bbe20ffe8b9a70f67e0a90db5f96ebff323e03cdd9d5dfa3
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
835d4f658b1f9809f57be8bdaf784aa2bd684d832857018de5bd4d265b0fb933
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8cdaab53427ca864aad95489040155b013317a228ec58c1ee10618f505fb8673
919573c7c6dbf66ad9f2adba0c41117e48003d559cbfb87fc833ad0f199fbe17
9502449ac2b03f78eb752b6b2a97180ae5b698da4a77c6ebd957a1c39e0890d5
95ef911fcf12dfe0a1fb5b17a3b24fa81c6b07b102b435949b06e7e124de51cb
98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a21da61d636ea66bd58bb96e3ddb6c249c9d6f47fe371d084c71bee2099444f1
a2cca075f0eb528e1eef09c3ac29372cb11f3daed3fc2d2bb548d05d1149a338
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
a34ff3a310804bb66fa12932379e85219e0f423fd1031aaf21023d3d0e19dc0e
a4af0b01450048bffd9bb79f9ab3f23695ce50aca800091d3394d69096ca45d6
ae1e4f7a09a58b0e8f9f3a0ae0e3e89186ca858e5cdcf31e9405b1cc826bede5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07871da02311868c31ab6ac5a4e78cc877f118acd854857f6f51519f3ddbbc9
b09bdbf565d50102894b31146a8ecea9cff952ed9a365753185ce4b22fd818cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b8853b94d509d7d8c52eb89933a7bf62d5eef8237ec44dc7357a5d1dfe7d421c
bc0b8e8cf4d354da992e3b614bc221c793e74ee11ad6ab9760b3cd965d14c66b
bc6ac9525a76d6595299967d130d28aa8a886b759dd855f6e6a47862a0d53a08
bdea7749e067619567677cb41850cd361c9fff999b06a9652ce2203337f8422b
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
bfcdd3e25fd9408f29e85fd42c12bea31ab7457b70442b51543c52874ad3d9d6
c06593065d525cac7ffb626221f4edad2e94791edd7c71bb8573c3600567cb19
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3dc83cc4fb3fc6535c5e5fb061fc5ea193f7ff61c5e8f539f76c68b42d80a40
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c58bf691bed30f03ca1587d29508d54f7aef5439671b6e99d8a3104382f54b2f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
ce5b835dd3601f2c770009462c96a7a5167c3d935001592a700818a1de37830d
cfb6ea70d464c88b03728fe77f38a7400f7a3b1b5b0eaaae5817844d730e8cbd
d454566fbbab8fcbc70a1c3139be25be5205712442564fe24a5e0258e3337a98
d4c3a8a5b9872e14d78458960fe22e79537f60b9e0992dfe4a9c4af80cab53ce
d557435e48cd67d8e39c4c1b1965425737d49ca4ff4aa0e17829d6875da059b3
d9bb829f8d70641154b1f50b85d90ae2fce8628ecffe8575481b54311233c842
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db2330db02efad9a7501712f8daf6deba69477e1dc32e14f602802b43704aa63
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcdf21a6b494b8e5b51a129c4c4df142b084680ecff3adc04a6810e05d1aac29
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2a018dcccd2ebd4e0dee556e61a7fc5b4cbe8959477dd89b15cde3c86ba27fa
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d
e8903e555bd60b3e66725a7316fa1c399c1c330b6f207dfbf294e287857d526c
eed41333a0a7886e0b3d45191e2769d69aab5321e37e91e51471c88a9106d40f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efce7d4dfdff6ca56599601f0d4fdd12a19fd7e448109fddfad9a9a0f10df6e2
f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
f6aa05df1d902f41bdc3e044644cb660eb1c0d0edf6b2e5f895caf754c716cd5
f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505
fa3159ad1e5deb4efdc091354d34e2fcbc511a9a2778775384786425af09b8c8
fa69a53942a2be0a90f3c783899afdcef6484bd89e3f32c355f4bb471164eda5
fa7ac447f1e5fd653b0748002d219a1ffb3e2f4da064f692b02a691e6c1d6f92
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff4a78009e4666bfc1d9df7459b4af5973a1203c293c3a6d63095224c972b912

www.silverfort.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

99 %HTTPS

54 %IPv6

41 Domains

62 Subdomains

53 IPs

5 Countries

2450 kBTransfer

7270 kBSize

46 Cookies

9 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.silverfort.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

99 %
HTTPS

54 %
IPv6

41
Domains

62
Subdomains

53
IPs

5
Countries

2450 kB
Transfer

7270 kB
Size

46
Cookies

156 HTTP transactions
10 data transactions