discuss.hashicorp.com Open in urlscan Pro
2602:fd3f:3:ff02::2b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Submission: On February 27 via api (February 27th 2023, 4:56:41 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 72 HTTP transactions. The main IP is 2602:fd3f:3:ff02::2b, located in United States and belongs to HURRICANE, US. The main domain is discuss.hashicorp.com. The Cisco Umbrella rank of the primary domain is 234466.
TLS certificate: Issued by R3 on January 30th 2023. Valid for: 3 months.

This is the only time discuss.hashicorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2602:fd3f:3:f... 2602:fd3f:3:ff02::2b	6939 (HURRICANE) (HURRICANE)
33	2600:9000:21f... 2600:9000:21f3:9000:2:1e0:a480:93a1	16509 (AMAZON-02) (AMAZON-02)
31	2600:9000:21f... 2600:9000:21f3:2a00:1c:507a:72c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
72	7

3 2602:fd3f:3:ff02::2b (United States)

ASN6939 (HURRICANE, US)

discuss.hashicorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:21f3:9000:2:1e0:a480:93a1 (United States)

ASN16509 (AMAZON-02, US)

global.discourse-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2600:9000:21f3:2a00:1c:507a:72c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sea2.discourse-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	discourse-cdn.com global.discourse-cdn.com — Cisco Umbrella Rank: 38266 sea2.discourse-cdn.com — Cisco Umbrella Rank: 56159	1 MB
3	hashicorp.com discuss.hashicorp.com — Cisco Umbrella Rank: 234466	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
1	gstatic.com fonts.gstatic.com	44 KB
72	5

	Domain	Requested by
33	global.discourse-cdn.com	discuss.hashicorp.com
31	sea2.discourse-cdn.com	discuss.hashicorp.com global.discourse-cdn.com
3	discuss.hashicorp.com	discuss.hashicorp.com global.discourse-cdn.com
2	www.google-analytics.com	global.discourse-cdn.com www.google-analytics.com
2	fonts.googleapis.com	sea2.discourse-cdn.com
1	fonts.gstatic.com	fonts.googleapis.com
72	6

This site contains links to these domains. Also see Links.

Domain
hashicorp.com
github.com

Subject Issuer	Validity	Valid
discuss.hashicorp.com R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
global.discourse-cdn.com Amazon RSA 2048 M01	`2023-02-08` - `2024-03-08`	a year	crt.sh
sea2.discourse-cdn.com Amazon RSA 2048 M02	`2023-02-08` - `2024-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Frame ID: 47B3FBBFA830D99471063E2521C52338
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HCSEC-2023-4 - go-getter vulnerable to denial of service via malicious compressed archive - Security - HashiCorp Discuss

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

72
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

1393 kB
Transfer

6655 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://hashicorp.com/

Search URL Search Domain Scan URL

URL: https://github.com/hashicorp/go-getter
Title: go-getter 8

Search URL Search Domain Scan URL

URL: https://hashicorp.com/security
Title: https://hashicorp.com/security

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 50125 Show response
discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/ 167 KB
28 KB 627ms
237ms Document
text/html 2602:fd3f:3:ff02::2b
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:fd3f:3:ff02::2b , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx /

Resource Hash

919fdc9898ad549409047b4493e59034fd807b888f2b12639cd27807f2268f68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src https://discuss.hashicorp.com/logs/ https://discuss.hashicorp.com/sidekiq/ https://discuss.hashicorp.com/mini-profiler-resources/ https://global.discourse-cdn.com/hashicorp/assets/ https://global.discourse-cdn.com/hashicorp/brotli_asset/ https://discuss.hashicorp.com/extra-locales/ https://sea2.discourse-cdn.com/hashicorp/highlight-js/ https://sea2.discourse-cdn.com/hashicorp/javascripts/ https://sea2.discourse-cdn.com/hashicorp/plugins/ https://sea2.discourse-cdn.com/hashicorp/theme-javascripts/ https://sea2.discourse-cdn.com/hashicorp/svg-sprite/ https://www.google-analytics.com/analytics.js 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' https://global.discourse-cdn.com/hashicorp/assets/ https://global.discourse-cdn.com/hashicorp/brotli_asset/ https://sea2.discourse-cdn.com/hashicorp/javascripts/ https://sea2.discourse-cdn.com/hashicorp/plugins/; frame-ancestors 'self'; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cdck-proxy-id: app-router-tiehunter01.sea2 app-balancer-tieinterceptor1b.sea2
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src https://discuss.hashicorp.com/logs/ https://discuss.hashicorp.com/sidekiq/ https://discuss.hashicorp.com/mini-profiler-resources/ https://global.discourse-cdn.com/hashicorp/assets/ https://global.discourse-cdn.com/hashicorp/brotli_asset/ https://discuss.hashicorp.com/extra-locales/ https://sea2.discourse-cdn.com/hashicorp/highlight-js/ https://sea2.discourse-cdn.com/hashicorp/javascripts/ https://sea2.discourse-cdn.com/hashicorp/plugins/ https://sea2.discourse-cdn.com/hashicorp/theme-javascripts/ https://sea2.discourse-cdn.com/hashicorp/svg-sprite/ https://www.google-analytics.com/analytics.js 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' https://global.discourse-cdn.com/hashicorp/assets/ https://global.discourse-cdn.com/hashicorp/brotli_asset/ https://sea2.discourse-cdn.com/hashicorp/javascripts/ https://sea2.discourse-cdn.com/hashicorp/plugins/; frame-ancestors 'self'; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 16:56:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept
x-content-type-options: nosniff
x-discourse-cached: skip
x-discourse-route: topics/show
x-discourse-trackview: 1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a3885248-04d7-4ff9-87e3-e6039a6b5d76
x-xss-protection: 0

GET
H2 200 start-discourse-828d11e331bbb2c63061d9ce5c7616d6d724c717cf56f1b7090efcde9ad47664.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 870 B
915 B 68ms
15ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/start-discourse-828d11e331bbb2c63061d9ce5c7616d6d724c717cf56f1b7090efcde9ad47664.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 828d11e331bbb2c63061d9ce5c7616d6d724c717cf56f1b7090efcde9ad47664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: jTwg51gheBr.KfFwpm99QdwEFflVE4n_
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 438
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:32:45 GMT
server: AmazonS3
etag: "3410727e60b9aafd58045281b4c8fbd7"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: ckJD8RVvINWf4vUlvbgBOWMo1DIkVxE9UxFzlC4C0HnG5PXgx1Zawg==

GET
H2 200 browser-update-331e86c77ddeff594308c27802669aeffae5f4ffddf9565a44e67d119278ae51.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 3 KB
2 KB 67ms
14ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/browser-update-331e86c77ddeff594308c27802669aeffae5f4ffddf9565a44e67d119278ae51.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 331e86c77ddeff594308c27802669aeffae5f4ffddf9565a44e67d119278ae51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: taFENaP9RSTPZ9SXW_tfALsbyudlEk2N
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1270
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:03:55 GMT
server: AmazonS3
etag: "e80279d912df0745d604e7b25477d08a"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: b7v471tNvIAg7qzDT12YFCFukDJD4L9ptReoKzE-7JhrolmWzr2Qfg==

GET
H2 200 browser-detect-18068a2d9ee3b1943a0bea70aa916d391f1dc6c03eeb7917ead5d6e0a637321a.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 1 KB
1 KB 68ms
16ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/browser-detect-18068a2d9ee3b1943a0bea70aa916d391f1dc6c03eeb7917ead5d6e0a637321a.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18068a2d9ee3b1943a0bea70aa916d391f1dc6c03eeb7917ead5d6e0a637321a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: 7tCOCiJohAufB2g63xlrPUmMIbkBvn_G
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 569
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:32:44 GMT
server: AmazonS3
etag: "4a68cca55ef8915b9ad208606102673a"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: rVl_bS1zngGsP0N_x1uCjLtcm5GKgbuPSRfSH-8PpkVckZ_2I6oV9A==

GET
H2 200 en-8f98ad7d49300261e98d45aa436060e44303d8a7a20ffcf59bde9516d302b408.br.js Show response
global.discourse-cdn.com/hashicorp/assets/locales/ 362 KB
82 KB 69ms
16ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/locales/en-8f98ad7d49300261e98d45aa436060e44303d8a7a20ffcf59bde9516d302b408.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 195e28a1e5287cd7b3b55fcc813af7f93bc645d589847f282c737158e70da293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:51 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: zUW.UTNITGbigQ6E_NZAs7RQ3R60BIwH
age: 311026
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 83753
x-cdck-cacheable: True
last-modified: Fri, 24 Feb 2023 02:31:32 GMT
server: AmazonS3
etag: "b749f4094a01dea36e4d166e22c94453"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: FHJW7MF3erKg9-jw1B2jR_yTC8YNh23tS9x6RoPwMcAUftgv6y9ojg==

GET
H2 200 overrides Show response
discuss.hashicorp.com/extra-locales/ 250 B
717 B 176ms
173ms Script
application/javascript 2602:fd3f:3:ff02::2b
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://discuss.hashicorp.com/extra-locales/overrides?v=74509ce8028f0af611f08047984b958a

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:fd3f:3:ff02::2b , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx /

Resource Hash

a8e09251c8114b58782d5b2063c0fbadbaf1d54f404d58475bc939889bc78019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 16:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-permitted-cross-domain-policies: none
x-discourse-route: extra_locales/show
x-xss-protection: 0
x-request-id: 52132af8-567b-4a81-8e92-5d470a6e65fc
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31556952, public, immutable
cdck-proxy-id: app-router-tiehunter01.sea2, app-balancer-tieinterceptor1b.sea2

GET
H2 200 vendor-f2e959203bc406b4698a4388ad51464d9ee2c5ff7b4011f332b7d88c6ce5dab8.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 1 MB
264 KB 106ms
54ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/vendor-f2e959203bc406b4698a4388ad51464d9ee2c5ff7b4011f332b7d88c6ce5dab8.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2e959203bc406b4698a4388ad51464d9ee2c5ff7b4011f332b7d88c6ce5dab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: SnBc6GkXEug2DtvcLxFKPqPKNoSVnlH6
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 269400
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:03:54 GMT
server: AmazonS3
etag: "0c50a78600feb8fe6792e1c32cf7b013"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: zfOsUhoKNyGbRd6AiNVFq8qL1V8QasGfZGLu4C8H5_kabbauzXsOEw==

GET
H2 200 chunk.701.99a58382eaad40a4c771-3ffe4dc5846df8f01751d3a862c7eee0c5627f8ccbcb71f3ceb6a3c0ab8829ad.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 286 KB
80 KB 128ms
76ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/chunk.701.99a58382eaad40a4c771-3ffe4dc5846df8f01751d3a862c7eee0c5627f8ccbcb71f3ceb6a3c0ab8829ad.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ffe4dc5846df8f01751d3a862c7eee0c5627f8ccbcb71f3ceb6a3c0ab8829ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:51 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: AZujwV.JMkJ1IPIZrnYYBZ00qCe5ziGK
age: 311026
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 81854
x-cdck-cacheable: True
last-modified: Fri, 24 Feb 2023 02:31:44 GMT
server: AmazonS3
etag: "7f27848a55f467da0c9e05628f121aa1"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: aLh79E36p04I0P2uFc-vZOcxYi0gTXbYXqj9WLGvwcHO6I0e500M1Q==

GET
H2 200 chunk.143.72617febbc1da27b688c-7f33a6100922bd216598ea0fbed9c5f55178745d7d0be12f4f1f4fd6b67fb0ec.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 4 KB
2 KB 131ms
80ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/chunk.143.72617febbc1da27b688c-7f33a6100922bd216598ea0fbed9c5f55178745d7d0be12f4f1f4fd6b67fb0ec.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f33a6100922bd216598ea0fbed9c5f55178745d7d0be12f4f1f4fd6b67fb0ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:51 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: F1Y3T3cNJ7v2YNibyY.wLlwRTiKCJEyb
age: 311026
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1350
x-cdck-cacheable: True
last-modified: Fri, 24 Feb 2023 02:31:44 GMT
server: AmazonS3
etag: "8262d36d070fad7f1f76ec1805573e4b"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: DwfAhdV6YuPE9AT9v1s1VQsMuUR6RB0OKn2QilvRCGujfxH9sqL8pA==

GET
H2 200 discourse-57004e9962b88dbcdd86c0e42e4e9963f81ee342328649898bcd71f68333a21c.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 3 MB
508 KB 83ms
32ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/discourse-57004e9962b88dbcdd86c0e42e4e9963f81ee342328649898bcd71f68333a21c.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57004e9962b88dbcdd86c0e42e4e9963f81ee342328649898bcd71f68333a21c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: JxUYpz1liX3STP9kH1B7cUsmCMX8JLb1
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 519374
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:03:53 GMT
server: AmazonS3
etag: "b79e0a8385807fb364479adf35851ff4"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: jOKjiTijAAoI9WXgA81RG5tT-2EID04zkA7I6KbFtDP9LE90LLiRcQ==

GET
H2 200 discourse-akismet-3ca9657e423437cf07f419c3b7c543eb44c2fb11a9e48bab606d1a27dcf8765f.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 6 KB
2 KB 162ms
111ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-akismet-3ca9657e423437cf07f419c3b7c543eb44c2fb11a9e48bab606d1a27dcf8765f.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ca9657e423437cf07f419c3b7c543eb44c2fb11a9e48bab606d1a27dcf8765f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: LpC3TUXfKKjVuXN4rhVXSl4ksOfl5cvH
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1328
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:02 GMT
server: AmazonS3
etag: "85ac40287af27ce5ea12d6d1b6c1b065"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: G3f2Sl_Q7Lmr0wywIL5VCcSRXKU6HwZcKvyKsaJ33MPyNxZjntcfgA==

GET
H2 200 discourse-assign-ca93b78c85ec1069c04993c064a6e3741257f43afa0b9b78094c9cd88017cc0e.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 89 KB
16 KB 133ms
82ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-assign-ca93b78c85ec1069c04993c064a6e3741257f43afa0b9b78094c9cd88017cc0e.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca93b78c85ec1069c04993c064a6e3741257f43afa0b9b78094c9cd88017cc0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: S9zNBbv0okm6_xA0FVOETW6_V0ZCXHb3
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15986
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:14 GMT
server: AmazonS3
etag: "9df75c6326e67d0a39001e254ab445b1"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: hUfLqNdboA3UFm3_lGpK7sgkqgtpZqLT97Q_jNkGIfhvMnFmw56bWQ==

GET
H2 200 discourse-cakeday-63f16a001f0f5eb6663f69b5e922bea6b2d63d51c802d5d55d760d06a87e6b5d.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 37 KB
5 KB 131ms
81ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-cakeday-63f16a001f0f5eb6663f69b5e922bea6b2d63d51c802d5d55d760d06a87e6b5d.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63f16a001f0f5eb6663f69b5e922bea6b2d63d51c802d5d55d760d06a87e6b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: FQn3lHPjcRPW7viDOvsyq.aDetmJaf0G
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4262
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:02 GMT
server: AmazonS3
etag: "f82ce96d78a74f81b901c84b67cd70c9"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: 0LomtYHdM3ChRwFQsrRS4YFujWLheHan7OFyTDjSwnEgL2233cm5LA==

GET
H2 200 discourse-canned-replies-d40995fc69a87b29749ff9335210267f94ccb9973db8482cbf20a9edd58efeca.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 20 KB
4 KB 147ms
98ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-canned-replies-d40995fc69a87b29749ff9335210267f94ccb9973db8482cbf20a9edd58efeca.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d40995fc69a87b29749ff9335210267f94ccb9973db8482cbf20a9edd58efeca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:27 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: O4rS7X5oinkvQ.jrH.l4GUrWy2cFAiZY
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4112
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:03 GMT
server: AmazonS3
etag: "aa7f2e918f33d141bfa6d7f75bc85dac"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: -VoeV0QRKjY2NeJBU-MMk2Oo_nxkejGv2WXTDC50HjwqO_VCheqGSw==

GET
H2 200 discourse-chat-integration-188840bf3a2f6bed42c4411e63789a765a0193b61c39e041ba452120b1fd1f30.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 47 KB
7 KB 164ms
114ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-chat-integration-188840bf3a2f6bed42c4411e63789a765a0193b61c39e041ba452120b1fd1f30.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 188840bf3a2f6bed42c4411e63789a765a0193b61c39e041ba452120b1fd1f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:27 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: EYKqB_bnmP2j9TWTWkocrS2pbhZCwx6S
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6848
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:03 GMT
server: AmazonS3
etag: "f7755c8f5e309c32e7b3237c63669bb0"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: w_jOayUfwcOisq9FOPZuAMeqsmvO8HtFhD1zLKc2hipv66b4KkUb1A==

GET
H2 200 discourse-checklist-158bd15bedbb47ed5e91792280bd2a0e2623495d2508465d2a2bb0ddedd9ec23.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 4 KB
2 KB 145ms
96ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-checklist-158bd15bedbb47ed5e91792280bd2a0e2623495d2508465d2a2bb0ddedd9ec23.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 158bd15bedbb47ed5e91792280bd2a0e2623495d2508465d2a2bb0ddedd9ec23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: 0E06Bb6UmeMVQnjdnqg_WvHWXCZ6Mfwv
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1699
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:03 GMT
server: AmazonS3
etag: "89b81b5c6c548443c1d916ccb26db3bd"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: QFTW21CpVstbIvBYEbDjiu_SEuj2Lt_6_ei7bGAyVAtz4dBA5LNhZA==

GET
H2 200 discourse-data-explorer-887645dbd37baf22bc211ab0c1ba3d42c7e16f46ecc212fb09770f24df9cb300.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 88 KB
16 KB 178ms
130ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-data-explorer-887645dbd37baf22bc211ab0c1ba3d42c7e16f46ecc212fb09770f24df9cb300.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 887645dbd37baf22bc211ab0c1ba3d42c7e16f46ecc212fb09770f24df9cb300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: II5E.p7hpX_z9F.SKB4eJBYHzcVUKAgV
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15584
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:15 GMT
server: AmazonS3
etag: "618382b7bfe00892cce89ba1d424213e"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: 3_h0Aqk1NT9jF7fPB5SLZvDsqlsdDpu_p4ntHeCQnRE48TQxlAe71w==

GET
H2 200 discourse-details-4cc313dcbef7c2a43d82c8d9cd301ad2bedc79dcb8f31645e1dd0a8b626ba7f3.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 1 KB
1 KB 180ms
131ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-details-4cc313dcbef7c2a43d82c8d9cd301ad2bedc79dcb8f31645e1dd0a8b626ba7f3.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cc313dcbef7c2a43d82c8d9cd301ad2bedc79dcb8f31645e1dd0a8b626ba7f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:27 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: JzKU9ukJSPSeI977KqDbsrSjtUDNez5o
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 675
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:04 GMT
server: AmazonS3
etag: "26d71cdb23015855a9eb3057442b859d"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: O7R8F_VazfAzFh1mWRjKJoAl_BSRch-bt5glSsWobh_Vtu0qsb1Ekw==

GET
H2 200 discourse-footnote-46ee3433bd8570ff50243dd1d1a4b098c10d93fbd0ae2ef4e25b83f17fa18b3d.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 3 KB
2 KB 179ms
130ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-footnote-46ee3433bd8570ff50243dd1d1a4b098c10d93fbd0ae2ef4e25b83f17fa18b3d.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46ee3433bd8570ff50243dd1d1a4b098c10d93fbd0ae2ef4e25b83f17fa18b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:27 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: fVZhWXtXCdUvx0bvTt88dHrTeH44ZY6Q
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1092
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:04 GMT
server: AmazonS3
etag: "4727f6e5472adff623b6204951932e89"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: LfOPdwPvtimq9LN38WWn7mgab8YVnA71migWOdH77i81prIY-cFiPQ==

GET
H2 200 discourse-footnote_extra-7f7bb8e0891106317fe6883ba187d239709a385df2c386a4d9ab105732204444.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 6 KB
2 KB 149ms
101ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-footnote_extra-7f7bb8e0891106317fe6883ba187d239709a385df2c386a4d9ab105732204444.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 926e716dd9651aef0792c69534106dedb985687e4c18e95de2f6cc708956ca1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:27 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: eb9EbnksKNlSGNUXJGTMFL7kLeuGXr6A
age: 604690
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
content-length: 2002
x-cdck-cacheable: True
last-modified: Fri, 04 Nov 2022 05:39:15 GMT
server: AmazonS3
etag: "c4d96da304f67df2117a5866a0752339"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: F2Q-fjitLlkB4UdQ20CxxzlNA5bJfhisg1Mx4-y69qID1ow2jLbZuA==

GET
H2 200 discourse-local-dates-93637d54f3d6737b397745eb98596da77be2956c27592769fc2803f44a2ada73.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 35 KB
10 KB 150ms
102ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-local-dates-93637d54f3d6737b397745eb98596da77be2956c27592769fc2803f44a2ada73.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93637d54f3d6737b397745eb98596da77be2956c27592769fc2803f44a2ada73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: quk2YX4JnatN_pF6pySJCIQvYcATzftO
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9251
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:15 GMT
server: AmazonS3
etag: "cdaba5015e1a3c2bb20fbbfc3f3681ff"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: x9Sc1ELogK_kkcPfZUhZCO2bj9GoNERAFgYDiH5xOJmaoM8w22Tnkg==

GET
H2 200 discourse-math-6edfa55446705528abf0d6b375322e7abad9314e7d8fe018908a032393f1a5ff.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 6 KB
3 KB 78ms
30ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-math-6edfa55446705528abf0d6b375322e7abad9314e7d8fe018908a032393f1a5ff.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6edfa55446705528abf0d6b375322e7abad9314e7d8fe018908a032393f1a5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: WlLYC404i3tyoXsgV1Jk.lAckZZod9YQ
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2125
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:15 GMT
server: AmazonS3
etag: "f9723bd5eea3e9506d8cc2fff4908e55"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: JPWRH0-MpoBAfjJmdLd2LBZCsM61SzPcMmuuwZDAe-XXAmSahWcq8Q==

GET
H2 200 discourse-narrative-bot-4cf85d81804acc076fc2f587e4b1474e55808ac24ab19217564f0fa8d3271c99.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 2 KB
1 KB 164ms
116ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-narrative-bot-4cf85d81804acc076fc2f587e4b1474e55808ac24ab19217564f0fa8d3271c99.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cf85d81804acc076fc2f587e4b1474e55808ac24ab19217564f0fa8d3271c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: R2oJGhZDMPWGuM52nGluIinuqN5baqhe
age: 327084
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 781
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:15 GMT
server: AmazonS3
etag: "ea0f2e2c574ff46110274e019fec3b01"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: c5mjVMzFuUNnTplhAuYHhIAfd0WNN_DIt-pRv2X4163V5okEZOVeIg==

GET
H2 200 discourse-policy-b209a4772e92d76711e3b803fd3a54d5ccfc59d622323b4ed0841c1e72bed40a.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 31 KB
6 KB 159ms
112ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-policy-b209a4772e92d76711e3b803fd3a54d5ccfc59d622323b4ed0841c1e72bed40a.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b209a4772e92d76711e3b803fd3a54d5ccfc59d622323b4ed0841c1e72bed40a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: 7IP.S_EFf3hYAS5rcyhliJplEGpfm9Ly
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6049
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:15 GMT
server: AmazonS3
etag: "11f186f75b8f9483624edac92070cf04"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: TQZ-kseYzvT6T9XD_3_hSR0gtLBIa-FESQW_YuWJdkShUCeaH2gynA==

GET
H2 200 discourse-presence-467137798b01eb6963e6d98d01ae909a98a558e8f77cd61cf4b7e802065eebd8.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 11 KB
3 KB 146ms
99ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-presence-467137798b01eb6963e6d98d01ae909a98a558e8f77cd61cf4b7e802065eebd8.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 467137798b01eb6963e6d98d01ae909a98a558e8f77cd61cf4b7e802065eebd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: ijRzN.Itk4j62K0EsJ78njyoyJZNlC_0
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2582
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:15 GMT
server: AmazonS3
etag: "fab00ce7b9a41c54df4c0f850c8d404c"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: xlzeK3yTw9V6dTmvz4G6Sq1O5Epuzip19BBSAlCQFoYWwOhyaMj2Lg==

GET
H2 200 discourse-solved-bf157501b3aa29216806b9214644f5323f4482e2ec1cdbf670b60ccb9ec436da.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 15 KB
4 KB 161ms
114ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-solved-bf157501b3aa29216806b9214644f5323f4482e2ec1cdbf670b60ccb9ec436da.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf157501b3aa29216806b9214644f5323f4482e2ec1cdbf670b60ccb9ec436da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: Aeaey_REDKO1dFOXOq7Eajmh9mByyD8M
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3873
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:05 GMT
server: AmazonS3
etag: "78a4636ac5f9f1329b56abacc4987382"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: 3ydwQekB61QU9oCKbJCVH8Haf_pOwMMqyUae5Ocf6fCvnw1ceotZNw==

GET
H2 200 discourse-spoiler-alert-f81d12a773a4160e77844fb1b786c4b50c185b4f95b120a75bae280918d8aaf2.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 3 KB
2 KB 162ms
115ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-spoiler-alert-f81d12a773a4160e77844fb1b786c4b50c185b4f95b120a75bae280918d8aaf2.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f81d12a773a4160e77844fb1b786c4b50c185b4f95b120a75bae280918d8aaf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: ZfNkstW8hI8K37oDhk_9CedQ7gIHiHll
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1333
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:05 GMT
server: AmazonS3
etag: "ae361cf01a9a2e33ef30e18c4e0bdcc3"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: XUSTeXRmOJHlw3VmBcuazyWzU-8-Wg8K0UGF5E7fMRmfEeGckckX5w==

GET
H2 200 discourse-topic-voting-23d96d58a63595e40257b4dbfc8ca05e57452dedf101837e390ee5ed87cf298c.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 12 KB
4 KB 141ms
95ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-topic-voting-23d96d58a63595e40257b4dbfc8ca05e57452dedf101837e390ee5ed87cf298c.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23d96d58a63595e40257b4dbfc8ca05e57452dedf101837e390ee5ed87cf298c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:27 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: 4urwTur1Uan97JGMc2rBL5l8h2Lgb9x0
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3146
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:06 GMT
server: AmazonS3
etag: "1ae36fbe06ca9b81b000cb8b8b859c2e"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: VK2Ajb0nKOIbZMsX7pZtlS1X1CRkC62kbI8KHYb0gX8ixMaDHyXDww==

GET
H2 200 discourse-user-notes-1bb391b156322c261984dde0a2f53d437a950e01f710c105c27b4a8c35bf92ee.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 16 KB
4 KB 147ms
100ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/discourse-user-notes-1bb391b156322c261984dde0a2f53d437a950e01f710c105c27b4a8c35bf92ee.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bb391b156322c261984dde0a2f53d437a950e01f710c105c27b4a8c35bf92ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: HWZJB0Zr2K_kYOTfjPAutc7X35l73foB
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3766
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:06 GMT
server: AmazonS3
etag: "db88e78c3369c38a4778c36053f68093"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: TXIECJcYVCoSyFJBQA1IvMMwyjNUx_z18SzZF_0HskFmpZq4B9LPTw==

GET
H2 200 hosted-site-89bc13ef84d5e11814ca923353cf2c6d0f0f22cd6cac9f0b4689efeb546a882d.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 64 KB
14 KB 143ms
97ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/hosted-site-89bc13ef84d5e11814ca923353cf2c6d0f0f22cd6cac9f0b4689efeb546a882d.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89bc13ef84d5e11814ca923353cf2c6d0f0f22cd6cac9f0b4689efeb546a882d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: G4TBhT33We9lVNq4YtRW4BUXN630h6.h
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14274
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:16 GMT
server: AmazonS3
etag: "f8356faa5d9b6334779aa5b0b8f93cda"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: jr9tK7EX_jvCwNLjfYtV1ff33NsVAv60Az_myLxIf6sRUgRfyOc8Bg==

GET
H2 200 hosted-site_admin-3709998d262ac1792f5df60004469c3d611a1f336662cb76f20821264945ee84.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 67 KB
13 KB 177ms
131ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/hosted-site_admin-3709998d262ac1792f5df60004469c3d611a1f336662cb76f20821264945ee84.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3709998d262ac1792f5df60004469c3d611a1f336662cb76f20821264945ee84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: BPEFPnZ3rgMTs2wPs7j8_vOGvQ.W0MCC
age: 604690
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12435
x-cdck-cacheable: True
last-modified: Tue, 24 Jan 2023 15:33:06 GMT
server: AmazonS3
etag: "7e5e31c3413a5ace725da2c6f1ad33ff"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: W9p0PoZnnPSkJEwE0PpPue4vJe7OzU6dsT4b5n8QJzh3lpEw4YFXNw==

GET
H2 200 lazy-yt-37ba46caad39a8d451e22030fac3ba0c04d3c2aa5cf73544b9c23ec143dcbf99.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 4 KB
2 KB 159ms
113ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/lazy-yt-37ba46caad39a8d451e22030fac3ba0c04d3c2aa5cf73544b9c23ec143dcbf99.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37ba46caad39a8d451e22030fac3ba0c04d3c2aa5cf73544b9c23ec143dcbf99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: eJXF7V7u4PHazDQkjW3oKf8HeYtZiYW3
age: 604690
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
content-length: 1850
x-cdck-cacheable: True
last-modified: Mon, 28 Nov 2022 23:46:41 GMT
server: AmazonS3
etag: "515aa3314f22ea547fee9e9aecfd2ca1"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: 2bIuFbTZZuIBJAL5QdyA8A7aq8Uy0qfKJsqw65SQ6ZqDDIzE42gqAA==

GET
H2 200 poll-d7617571fd46a328e5dd9780f782307f0af41980db668891ee4db50869182f1e.br.js Show response
global.discourse-cdn.com/hashicorp/assets/plugins/ 56 KB
15 KB 162ms
116ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/plugins/poll-d7617571fd46a328e5dd9780f782307f0af41980db668891ee4db50869182f1e.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7617571fd46a328e5dd9780f782307f0af41980db668891ee4db50869182f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: WajMSsDkdE6jJG2__Ji9wkVPap_3RLkq
age: 327085
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14935
x-cdck-cacheable: True
last-modified: Thu, 23 Feb 2023 22:04:16 GMT
server: AmazonS3
etag: "e202a6ff25d078de04258f4545b83175"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: X2R6ydpO-BbvXDUsdCVwQpLeHugzBfoSQjZQyLPTmMQW_D1MjIXGDQ==

GET
H2 200 46a8986111e96873b52e57e4ad8992453f4793d1.js Show response
sea2.discourse-cdn.com/hashicorp/theme-javascripts/ 115 KB
35 KB 155ms
69ms Script
text/javascript 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/theme-javascripts/46a8986111e96873b52e57e4ad8992453f4793d1.js?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5d07556abfd14e2ba808fe6aefe421c90fdbefb31708a66184ed0d76a4213804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 01:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 574441
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: theme_javascripts/show
content-transfer-encoding: binary
content-disposition: inline; filename="46a8986111e96873b52e57e4ad8992453f4793d1.js"; filename*=UTF-8''46a8986111e96873b52e57e4ad8992453f4793d1.js
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 1c117413-e815-45d6-8241-3a6aa461069d
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 15:33:54 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: oTM6BFfWATw0sZRPH673Jz8vBHaivQIYoXnhACW-DBTC9SjvhOxnUw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 a982ba90e56c69c534e5c92e2b951ff5cda37a4b.js Show response
sea2.discourse-cdn.com/hashicorp/theme-javascripts/ 6 KB
3 KB 172ms
87ms Script
text/javascript 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/theme-javascripts/a982ba90e56c69c534e5c92e2b951ff5cda37a4b.js?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c46dbe632a7b09b8734a0617b4ba63f93bef366d084b3795d64d460164824f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 01:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 574442
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: theme_javascripts/show
content-transfer-encoding: binary
content-disposition: inline; filename="a982ba90e56c69c534e5c92e2b951ff5cda37a4b.js"; filename*=UTF-8''a982ba90e56c69c534e5c92e2b951ff5cda37a4b.js
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 28aec1bd-74e5-4100-8d88-58b0248c3afa
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Dec 2022 19:24:44 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: FOc0uPJUT9RZe0F2UIMjXLDBeyiIsUheTJCjWKFm16NwuFK3l_-Ohg==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 google-universal-analytics-v3-4195304cc8fc9564a86cfaf637f43e2582acbb938c5f563f03b3c967c4bf07a4.br.js Show response
global.discourse-cdn.com/hashicorp/assets/ 1014 B
924 B 159ms
113ms Script
application/javascript 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.discourse-cdn.com/hashicorp/assets/google-universal-analytics-v3-4195304cc8fc9564a86cfaf637f43e2582acbb938c5f563f03b3c967c4bf07a4.br.js
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4195304cc8fc9564a86cfaf637f43e2582acbb938c5f563f03b3c967c4bf07a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 16:58:26 GMT
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: yJkt7RL9JMiW2Q4eZy9lDmWsyJws7y54
age: 604690
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
content-length: 477
x-cdck-cacheable: True
last-modified: Fri, 04 Nov 2022 05:38:52 GMT
server: AmazonS3
etag: "40f778e6eb73ae07566a075e6ea60aa7"
content-type: application/javascript
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
x-amz-cf-id: Mr4XeLNhYKjPFAih83Ghmy2jh-W3vyGdUmSAptx1lmxbrTpTkvdRKA==

GET
H2 200 color_definitions_hashicorp_11_19_5bf044de25fc99dbf7afc4ba6bea3ca553dbd6f5.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 3 KB
2 KB 99ms
14ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/color_definitions_hashicorp_11_19_5bf044de25fc99dbf7afc4ba6bea3ca553dbd6f5.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1a54771c1234e99a165cf0070f8152092280662983923a171aff7f2d58cbce7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="color_definitions_hashicorp_11_19_5bf044de25fc99dbf7afc4ba6bea3ca553dbd6f5.css"; filename*=UTF-8''color_definitions_hashicorp_11_19_5bf044de25fc99dbf7afc4ba6bea3ca553dbd6f5.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 582724b7-eb7f-4914-ba2a-a4a88053090f
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: NIttlE0I93FikBB4XRFKymipMu1iYucYVWIB1jfc0wtzNKSzsmIobg==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 467 KB
82 KB 105ms
19ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

70bcb0599f652b2148491f02516035c18b48ece20391457d8827c09a35f9dd70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 2bd8f5d2-f8c3-49b1-8272-6bc5fc452caa
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:17 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: 4MxESfcdMlQa_9fRpED8wua97Tyt3JOXUsIvoiqIv8W57NIYmnaJ0Q==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-akismet_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 264 B
1 KB 129ms
44ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-akismet_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

462220cb5828b3c721084a9dbb68e3e1e2dc3acda66bd7b68077db50d5c1fcc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-akismet_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-akismet_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 64483a74-2c65-4fe9-b0ce-e8d095c599ba
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: DLNJQRIFnmjU1gLkCF7n4tQc43hi9c7rJYobJsyF5-4jpTJZ5u4sSA==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-assign_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 4 KB
2 KB 131ms
45ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-assign_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec7e4fe6a472685df241e7c4ec62adacf222573828d1161787a087b4020e4d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-assign_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-assign_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 761d5932-fdf8-49e5-bbb6-d1943f9408c4
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: JVXHy9LEwdrWfRsN05sTciyRfa2VrcrkdUXROmp2-BrRtIM-UROXeg==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-cakeday_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 656 B
1 KB 132ms
47ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-cakeday_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0473db974c764167f83814f108ab675327ab6ce04a757a8fc5cab7ae7843417d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-cakeday_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-cakeday_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 32bc6fc0-714e-4ff1-91d9-609b34908345
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: 5rbOpDQ438HrfwAvviJPrOkXOML1rSuD5RupF8W9GgzwPOl5fREPZg==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-canned-replies_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 2 KB
2 KB 133ms
48ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-canned-replies_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

01bfb18a5a99a3a5e50131a96011eab55142393b196b3d8acdbf345b6b9cb4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-canned-replies_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-canned-replies_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 40a2d82a-6adb-46d5-80e0-5a8f0eda7756
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: SHsQIvcZWlDqhJxu0wyxIlWb-EpmYFdVcLfvJtCoK0qVR1Ol2pDRZw==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-chat-integration_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 3 KB
2 KB 153ms
68ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-chat-integration_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

831a971250674446aeda66b5bcf8fcb59f04288615138293c8d1fc118bd5c9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-chat-integration_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-chat-integration_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 62dfd46c-7b57-404d-8dc3-88ad489cc042
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: jq0aS2RUVT1fgoBIgt0wxTiwt7iZ917AE0QhoTAUl5i281jFHM0TrQ==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-checklist_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 5 KB
2 KB 152ms
67ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-checklist_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0ab8d777088af144515418c089f8a9174cc2b45bba47c0d8b19060f55310aabf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-checklist_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-checklist_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 52c0d652-3a2d-4d5f-b0c9-c387416d9227
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: TNkxYf6fRcIg6ZcAO9TTjZLXhwVNgbY_cRqQYxEkGeSR92zo0a0d9Q==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-data-explorer_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 7 KB
3 KB 134ms
49ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-data-explorer_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2c7a049d243a736f8839ba8d3e4752fcf847c59b5930d6655bbbdf637f71c1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-data-explorer_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-data-explorer_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 71fb55eb-a830-4223-a62d-dfc018a08637
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: mryyk5KU1jABBi1BMaXqTbdO5rWQL_C6SgztgrdWk6Z2I_lL-wTJuw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-details_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 1 KB
1 KB 135ms
51ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-details_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0e7c1f5e972f6cd0ecac9be1dfa385ac2ff81281ff86c74533789e83d3709721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-details_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-details_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: d6a927c6-4b2b-46c4-bb81-1bf334a6e053
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: Gm9H5T6f9S-K_xvZx1FgB6m_Qthz8SC_dNNFRjj4USvlPQTKkRlGUw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-footnote_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 2 KB
1 KB 151ms
66ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-footnote_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed961b09843cc616b3e4354cc0450de805a23d4a97768b0ce992817d916b8da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-footnote_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-footnote_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: fb320422-6965-401a-b39f-5fde8368c1ad
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: Efkuym4CP9QnyBJ6i_ieFuWmkqXmXR-gi6SiwDTLCkv7I-PIpK0ChQ==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-local-dates_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 7 KB
2 KB 135ms
51ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-local-dates_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8470c9ef38aae56d7e5019490e14ee28ca1aa33842fdb5b13416262222b256b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-local-dates_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-local-dates_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 0a291163-5b58-4c39-a424-1b3c72b73b23
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: IOWohIXkqXv15LdYCriSMAnbsd_t8TN1SrEfFaLg_R1fER5agg1Cjw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-math_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 2 KB
1 KB 149ms
65ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-math_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cc7c466c7e09368a559a371ce8cd5c831535a565b4ec6cb98df39c155115dfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-math_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-math_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: e7b74428-88f0-4def-9c8f-06a238147d83
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: _F5cAyhlZEcNtDapO9p1I3eLiLfU4YppYsbJ8FjTnce_rWAF9URG5A==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-narrative-bot_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 180 B
1019 B 133ms
49ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-narrative-bot_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3d327e7a2f57ad584875f17d753604c324435f06450ebc080881d63b472126f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-narrative-bot_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-narrative-bot_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 4fae90f7-ab24-4509-b177-7dc1c23a9a71
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: AaJDrUJ-B2U4v0VH0Pc8hkN4qX82OkVIjXul5exsbqPmepzIesAwZg==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-policy_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 3 KB
2 KB 136ms
52ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-policy_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e17c59b9d678fb7b2f11f70dfd2bab0030b79a2383d4838c9660389013d00a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-policy_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-policy_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 31495c97-c3ab-4ae2-aab9-058412865bb6
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: PG4f6-4wWmLeUZifBKR2S0sguiFuj7S5WqEG0fOz0STbSKf0Yy5tiQ==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-presence_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 1 KB
1 KB 134ms
50ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-presence_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5dee22ce3d29d4fb09a9c7e2fcbfeb3322f4b6ccf8c34f6938fc6597819d7496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-presence_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-presence_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: b5a28bf1-7851-4f28-b341-7cbaf047929a
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: p4AGoP2yVvTqHEhdCEbPOh1D5MHdg8M8PFm7t1aWMTNw_Vi5y4yAkw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-solved_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 1 KB
1 KB 149ms
65ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-solved_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

17a94fd172e0e8c0fe912150cc73c586951df9ab8e2a7ae1ea88fd496383ac1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-solved_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-solved_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 8cb96f38-4dcf-4fe8-bb5c-9ace616278a3
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: K6Avs8hJzkjrgWeVYVOhveIKk-sttqSyl850bLPi-zPB6_rdNZznLw==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-spoiler-alert_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 1 KB
1 KB 136ms
52ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-spoiler-alert_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9c319255e6b91327c4d1d595bad45e8dc814405d23cf78d7082c0f23fdce227e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-spoiler-alert_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-spoiler-alert_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: adec8c3c-ee0c-4b95-8d0d-05f4b639dbae
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: osDBWqSJ2UD5ZXMxrG-y52JxXRjfe5LsilQ859Wvjo2kynRH60GVoA==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-topic-voting_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 1 KB
1 KB 148ms
64ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-topic-voting_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da0635c78cae58147093055d0e0c5f90c42f3f31833c35848d66b640617fcd8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-topic-voting_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-topic-voting_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 3eb5c232-9d04-47c0-9580-f21aeeae14a7
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: cxvwaf2RsTUvnGqCjnsGElI1fWA3p2O-dJp1z9r0lRnYnRptcsta_w==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-user-notes_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 2 KB
1 KB 151ms
68ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-user-notes_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

748b4e3f768472f59ec7c056b148dd7f648abf017f3027b336f2eea23b7ae58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-user-notes_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-user-notes_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 6abc9088-71cf-4343-a9ab-5fc37697330d
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:19 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: xWbdLfkG2_udxF1NBs13NOG-gFClIP7F4hOvl-0QjUZdEcCQemraaw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 hosted-site_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 7 KB
3 KB 147ms
63ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/hosted-site_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5834c65ae42416206de8c4abb84665f9444b7f79f4961de1bf9c552bdf2c00df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="hosted-site_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''hosted-site_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 3cfd644c-1abd-4628-891f-fd7f452fd5df
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: 1j_wN0tgngMn861UWvarGz96maafK5YWXOJhem_CvoCbqKoyCib72A==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 lazy-yt_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 2 KB
2 KB 149ms
66ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/lazy-yt_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0d3aefb943ce777287b288a0328d98349b21870884a6594b19bd10aeab45c18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="lazy-yt_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''lazy-yt_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 344ed027-cc34-4d40-bbc3-37caaa3cf095
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: nA0x3D-WV3rPE-sJiRFx2bgBmmOS9mee81BeCBPX3s_UKIjOiBN5-g==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 poll_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 6 KB
2 KB 152ms
69ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/poll_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a339b9bb6f006f6abcaeae39f8f3717494698f517b00e1ebf1df0682f0e76c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="poll_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''poll_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 3b0126d2-b661-4d42-94e3-df2edc35e0fa
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: FIJdMyCT0qqKC4VSHX5NH1UfT_G6R0HWV_dCe4d41ZZvicktyju64g==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 discourse-topic-voting_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 192 B
1 KB 146ms
63ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/discourse-topic-voting_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d417f0122e17643b31b98c9e5966afa5540186f3c68ca38ef6294835a75b0638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="discourse-topic-voting_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''discourse-topic-voting_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 35425bf7-6ba4-4424-8f64-391bd45c26ce
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: E6nKFLWW9vkhjEMxECojYqHqLWNMFaRga3NB0tu6_lzDirDNcnBs6g==
cdck-proxy-id: app-router-tiehunter01.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 poll_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 2 KB
2 KB 150ms
67ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/poll_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

398f616fa96669a02f0441f6b2e2e4d8149bcacc95b4c7bf177c37efbe15b33a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="poll_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css"; filename*=UTF-8''poll_desktop_7a02ca6decfb615979761fcd83a3594abbf293b2.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: e329d43c-1d14-449e-bdea-7326b790a297
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: WNWvEnWkYmKMDLIjBRpRyowd4suZG_aqbfc_qEEGK1puKPMcOvjUmw==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 desktop_theme_19_9ccacefa5206a5267d67fda206b3fc1eefb419e0.css
sea2.discourse-cdn.com/hashicorp/stylesheets/ 29 KB
7 KB 136ms
53ms Stylesheet
text/css 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/stylesheets/desktop_theme_19_9ccacefa5206a5267d67fda206b3fc1eefb419e0.css?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9a6643c43bb4dab9a4f251752d19ded8b16fff9e5ea8f483e14b8e4c4946b7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:32:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 311026
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: stylesheets/show
content-transfer-encoding: binary
content-disposition: inline; filename="desktop_theme_19_9ccacefa5206a5267d67fda206b3fc1eefb419e0.css"; filename*=UTF-8''desktop_theme_19_9ccacefa5206a5267d67fda206b3fc1eefb419e0.css
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 150b64e6-293f-46f5-b119-38e694af42c5
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 02:31:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: DT0b_hcaNnmK7eV9sJVGkhqEiwzHEe1Ad3WgWNm1hx3BInQEhWO3xg==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/svg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3020fec22695cef6db79cc376c47a98caca760be92b1db6e219f62dd9b3ec26a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 f3530bcb5d4c120732c732808fa7097c0d5cf1a6.js Show response
sea2.discourse-cdn.com/hashicorp/theme-javascripts/ 6 KB
2 KB 91ms
88ms Script
text/javascript 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/theme-javascripts/f3530bcb5d4c120732c732808fa7097c0d5cf1a6.js?__ws=discuss.hashicorp.com

Requested by

Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9b93c7264e39c94d99fbf40c8319788386627b6dd53f010d5d8a4fd5541a5aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 01:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 574442
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: theme_javascripts/show
content-transfer-encoding: binary
content-disposition: inline; filename="f3530bcb5d4c120732c732808fa7097c0d5cf1a6.js"; filename*=UTF-8''f3530bcb5d4c120732c732808fa7097c0d5cf1a6.js
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: fc870709-e31a-4275-821d-9b8ab9bddeda
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 24 Jan 2023 15:33:50 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: 3PBFJaQU3fvjDdsBZKmeOeYLvWeURPI8lcbMh9JxaL-iObXhTcNKtw==
cdck-proxy-id: app-router-tiehunter03.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 61ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: sea2.discourse-cdn.com
URL: https://sea2.discourse-cdn.com/hashicorp/stylesheets/desktop_theme_19_9ccacefa5206a5267d67fda206b3fc1eefb419e0.css?__ws=discuss.hashicorp.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sea2.discourse-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 16:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 14:58:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 16:56:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
569 B 69ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Mono

Requested by

Host: sea2.discourse-cdn.com
URL: https://sea2.discourse-cdn.com/hashicorp/stylesheets/desktop_theme_19_9ccacefa5206a5267d67fda206b3fc1eefb419e0.css?__ws=discuss.hashicorp.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b6a3304fb83f82470236f7c4657b2142aad0f438ce74cc99e869a640a62e43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sea2.discourse-cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 16:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 15:10:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 16:56:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 115ms
30ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discuss.hashicorp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:34:57 GMT
x-content-type-options: nosniff
age: 336100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 19:34:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: global.discourse-cdn.com
URL: https://global.discourse-cdn.com/hashicorp/assets/google-universal-analytics-v3-4195304cc8fc9564a86cfaf637f43e2582acbb938c5f563f03b3c967c4bf07a4.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 16:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2507
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Feb 2023 18:14:50 GMT

GET
H2 200 svg-19-7721ad769c9217bd9d1d5e6fa3583cd4a74d2fae.js Show response
sea2.discourse-cdn.com/hashicorp/svg-sprite/discuss.hashicorp.com/ 156 KB
49 KB 13ms
12ms Script
application/javascript 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sea2.discourse-cdn.com/hashicorp/svg-sprite/discuss.hashicorp.com/svg-19-7721ad769c9217bd9d1d5e6fa3583cd4a74d2fae.js

Requested by

Host: global.discourse-cdn.com
URL: https://global.discourse-cdn.com/hashicorp/assets/discourse-57004e9962b88dbcdd86c0e42e4e9963f81ee342328649898bcd71f68333a21c.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7b9953d4f68e5aaf42cbbb762f2cba37e006f344d243b9c40f6ae75267cbc7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
age: 327085
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-discourse-route: svg_sprite/show
x-cdck-cacheable: True
x-xss-protection: 0
x-request-id: 47900e62-24ea-4122-b39c-354046ba444f
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 23 Feb 2013 22:05:12 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31556952, public, immutable
x-amz-cf-id: Tm-PhE9wDrNYafbHcEjQlfAk4aglxzN8tfPouAdD1p4timzpdUZ1dg==
cdck-proxy-id: app-router-tiehunter02.sea2, app-balancer-tieinterceptor1a.sea2

GET
H2 200 668e19cbc79e3eaa176133c3679dc30aa57ba474.svg
global.discourse-cdn.com/hashicorp/original/1X/ 3 KB
2 KB 239ms
239ms Image
image/svg+xml 2600:9000:21f3:9000:2:1e0:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.discourse-cdn.com/hashicorp/original/1X/668e19cbc79e3eaa176133c3679dc30aa57ba474.svg
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9000:2:1e0:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7732106018c54b77491ed924e1c769090ae45bdd0c75c9650ffa3d1c0ad8b021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: qLnhnwmpElPbdHwkLYtFPUJmQEjpzHeg
content-encoding: br
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 16:56:38 GMT
last-modified: Thu, 23 Jun 2022 05:08:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"cab78c93dac8176a72d75ddbf6441232"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-cdck-cacheable: True
x-amz-cf-id: IarIZqTxvk3KcLfnsopcNsKxH1DYihqhTbZMkeIYfS6-GiEYpObEvQ==

GET
H2 200 13616_2.png
sea2.discourse-cdn.com/hashicorp/user_avatar/discuss.hashicorp.com/eastebry/45/ 940 B
1 KB 11ms
11ms Image
image/png 2600:9000:21f3:2a00:1c:507a:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sea2.discourse-cdn.com/hashicorp/user_avatar/discuss.hashicorp.com/eastebry/45/13616_2.png
Requested by: Host: discuss.hashicorp.com
URL: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2a00:1c:507a:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f15787e1ea45203b54bc2409dff0fb19ca51e77eb11d11ae3fbc4bf67714944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discuss.hashicorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 02:58:21 GMT
x-amz-version-id: W4z04Gzp7HxqzLM3vdOjd6yuMQbnFC04
via: 1.1 3396f08538cae17d7cab5e402e844a54.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 02:02:09 GMT
server: AmazonS3
age: 568697
x-amz-cf-pop: HIO50-C2, FRA2-C2
etag: "4ccd433c0cb02ddaa0ad825a914aeafd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31556952, public, immutable
accept-ranges: bytes
content-length: 940
x-cdck-cacheable: True
x-amz-cf-id: 54c-lEHWDQdzBeWcFCNsW4TGcZZq4UFHca8rbUXKsEiv6wrJMudbiA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 21ms
20ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=476146694&t=pageview&_s=1&dl=https%3A%2F%2Fdiscuss.hashicorp.com%2Ft%2Fhcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive%2F50125&dp=%2Ft%2Fhcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive%2F50125&ul=en-us&de=UTF-8&dt=HCSEC-2023-4%20-%20go-getter%20vulnerable%20to%20denial%20of%20service%20via%20malicious%20compressed%20archive%20-%20Security%20-%20HashiCorp%20Discuss&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACACI~&jid=316948815&gjid=1773180622&cid=980433868.1677516997&tid=UA-36299135-17&_gid=625461092.1677516997&_r=1&_slc=1&z=1800786884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://discuss.hashicorp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 16:56:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://discuss.hashicorp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 poll
discuss.hashicorp.com/message-bus/c1b6d4274e4c4f59be7aa8ef3ff5f67f/ 315 B
0 370ms
370ms XHR
text/plain 2602:fd3f:3:ff02::2b
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

https://discuss.hashicorp.com/message-bus/c1b6d4274e4c4f59be7aa8ef3ff5f67f/poll

Requested by

Host: global.discourse-cdn.com
URL: https://global.discourse-cdn.com/hashicorp/assets/vendor-f2e959203bc406b4698a4388ad51464d9ee2c5ff7b4011f332b7d88c6ce5dab8.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:fd3f:3:ff02::2b , United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Discourse-Present: true
X-CSRF-Token: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-SILENCE-LOGGER: true
Accept: text/plain, */*; q=0.01
Referer: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 16:56:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://discuss.hashicorp.com
cache-control: must-revalidate, private, max-age=0
access-control-allow-headers: X-SILENCE-LOGGER, X-Shared-Session-Key, Dont-Chunk, Discourse-Present
cdck-proxy-id: app-router-tiehunter01.sea2, app-balancer-tieinterceptor1b.sea2
expires: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hashicorp.com/	1970-01-20 19:34:36	Name: _ga Value: GA1.2.980433868.1677516997
.hashicorp.com/	1970-01-20 10:00:03	Name: _gid Value: GA1.2.625461092.1677516997
.hashicorp.com/	1970-01-20 09:58:37	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src https://discuss.hashicorp.com/logs/ https://discuss.hashicorp.com/sidekiq/ https://discuss.hashicorp.com/mini-profiler-resources/ https://global.discourse-cdn.com/hashicorp/assets/ https://global.discourse-cdn.com/hashicorp/brotli_asset/ https://discuss.hashicorp.com/extra-locales/ https://sea2.discourse-cdn.com/hashicorp/highlight-js/ https://sea2.discourse-cdn.com/hashicorp/javascripts/ https://sea2.discourse-cdn.com/hashicorp/plugins/ https://sea2.discourse-cdn.com/hashicorp/theme-javascripts/ https://sea2.discourse-cdn.com/hashicorp/svg-sprite/ https://www.google-analytics.com/analytics.js 'sha256-Gty3/aPWFfSvz7pdT39HY97/+2opLup9V0L19ZF0IwY='; worker-src 'self' https://global.discourse-cdn.com/hashicorp/assets/ https://global.discourse-cdn.com/hashicorp/brotli_asset/ https://sea2.discourse-cdn.com/hashicorp/javascripts/ https://sea2.discourse-cdn.com/hashicorp/plugins/; frame-ancestors 'self'; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

discuss.hashicorp.com
fonts.googleapis.com
fonts.gstatic.com
global.discourse-cdn.com
sea2.discourse-cdn.com
www.google-analytics.com
2600:9000:21f3:2a00:1c:507a:72c0:93a1
2600:9000:21f3:9000:2:1e0:a480:93a1
2602:fd3f:3:ff02::2b
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:400d:80d::2003
01bfb18a5a99a3a5e50131a96011eab55142393b196b3d8acdbf345b6b9cb4f6
0473db974c764167f83814f108ab675327ab6ce04a757a8fc5cab7ae7843417d
0ab8d777088af144515418c089f8a9174cc2b45bba47c0d8b19060f55310aabf
0d3aefb943ce777287b288a0328d98349b21870884a6594b19bd10aeab45c18d
0e7c1f5e972f6cd0ecac9be1dfa385ac2ff81281ff86c74533789e83d3709721
0f15787e1ea45203b54bc2409dff0fb19ca51e77eb11d11ae3fbc4bf67714944
158bd15bedbb47ed5e91792280bd2a0e2623495d2508465d2a2bb0ddedd9ec23
17a94fd172e0e8c0fe912150cc73c586951df9ab8e2a7ae1ea88fd496383ac1a
18068a2d9ee3b1943a0bea70aa916d391f1dc6c03eeb7917ead5d6e0a637321a
188840bf3a2f6bed42c4411e63789a765a0193b61c39e041ba452120b1fd1f30
195e28a1e5287cd7b3b55fcc813af7f93bc645d589847f282c737158e70da293
1a54771c1234e99a165cf0070f8152092280662983923a171aff7f2d58cbce7f
1bb391b156322c261984dde0a2f53d437a950e01f710c105c27b4a8c35bf92ee
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23d96d58a63595e40257b4dbfc8ca05e57452dedf101837e390ee5ed87cf298c
2b6a3304fb83f82470236f7c4657b2142aad0f438ce74cc99e869a640a62e43f
2c7a049d243a736f8839ba8d3e4752fcf847c59b5930d6655bbbdf637f71c1d4
3020fec22695cef6db79cc376c47a98caca760be92b1db6e219f62dd9b3ec26a
331e86c77ddeff594308c27802669aeffae5f4ffddf9565a44e67d119278ae51
3709998d262ac1792f5df60004469c3d611a1f336662cb76f20821264945ee84
37ba46caad39a8d451e22030fac3ba0c04d3c2aa5cf73544b9c23ec143dcbf99
398f616fa96669a02f0441f6b2e2e4d8149bcacc95b4c7bf177c37efbe15b33a
3a339b9bb6f006f6abcaeae39f8f3717494698f517b00e1ebf1df0682f0e76c3
3ca9657e423437cf07f419c3b7c543eb44c2fb11a9e48bab606d1a27dcf8765f
3d327e7a2f57ad584875f17d753604c324435f06450ebc080881d63b472126f7
3ffe4dc5846df8f01751d3a862c7eee0c5627f8ccbcb71f3ceb6a3c0ab8829ad
4195304cc8fc9564a86cfaf637f43e2582acbb938c5f563f03b3c967c4bf07a4
462220cb5828b3c721084a9dbb68e3e1e2dc3acda66bd7b68077db50d5c1fcc9
467137798b01eb6963e6d98d01ae909a98a558e8f77cd61cf4b7e802065eebd8
46ee3433bd8570ff50243dd1d1a4b098c10d93fbd0ae2ef4e25b83f17fa18b3d
4cc313dcbef7c2a43d82c8d9cd301ad2bedc79dcb8f31645e1dd0a8b626ba7f3
4cf85d81804acc076fc2f587e4b1474e55808ac24ab19217564f0fa8d3271c99
57004e9962b88dbcdd86c0e42e4e9963f81ee342328649898bcd71f68333a21c
5834c65ae42416206de8c4abb84665f9444b7f79f4961de1bf9c552bdf2c00df
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d07556abfd14e2ba808fe6aefe421c90fdbefb31708a66184ed0d76a4213804
5dee22ce3d29d4fb09a9c7e2fcbfeb3322f4b6ccf8c34f6938fc6597819d7496
63f16a001f0f5eb6663f69b5e922bea6b2d63d51c802d5d55d760d06a87e6b5d
6edfa55446705528abf0d6b375322e7abad9314e7d8fe018908a032393f1a5ff
70bcb0599f652b2148491f02516035c18b48ece20391457d8827c09a35f9dd70
748b4e3f768472f59ec7c056b148dd7f648abf017f3027b336f2eea23b7ae58f
7732106018c54b77491ed924e1c769090ae45bdd0c75c9650ffa3d1c0ad8b021
7b9953d4f68e5aaf42cbbb762f2cba37e006f344d243b9c40f6ae75267cbc7e0
7f33a6100922bd216598ea0fbed9c5f55178745d7d0be12f4f1f4fd6b67fb0ec
828d11e331bbb2c63061d9ce5c7616d6d724c717cf56f1b7090efcde9ad47664
831a971250674446aeda66b5bcf8fcb59f04288615138293c8d1fc118bd5c9ab
8470c9ef38aae56d7e5019490e14ee28ca1aa33842fdb5b13416262222b256b6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
887645dbd37baf22bc211ab0c1ba3d42c7e16f46ecc212fb09770f24df9cb300
89bc13ef84d5e11814ca923353cf2c6d0f0f22cd6cac9f0b4689efeb546a882d
919fdc9898ad549409047b4493e59034fd807b888f2b12639cd27807f2268f68
926e716dd9651aef0792c69534106dedb985687e4c18e95de2f6cc708956ca1d
93637d54f3d6737b397745eb98596da77be2956c27592769fc2803f44a2ada73
9a6643c43bb4dab9a4f251752d19ded8b16fff9e5ea8f483e14b8e4c4946b7e1
9b93c7264e39c94d99fbf40c8319788386627b6dd53f010d5d8a4fd5541a5aaf
9c319255e6b91327c4d1d595bad45e8dc814405d23cf78d7082c0f23fdce227e
a8e09251c8114b58782d5b2063c0fbadbaf1d54f404d58475bc939889bc78019
b209a4772e92d76711e3b803fd3a54d5ccfc59d622323b4ed0841c1e72bed40a
bf157501b3aa29216806b9214644f5323f4482e2ec1cdbf670b60ccb9ec436da
c46dbe632a7b09b8734a0617b4ba63f93bef366d084b3795d64d460164824f5f
ca93b78c85ec1069c04993c064a6e3741257f43afa0b9b78094c9cd88017cc0e
cc7c466c7e09368a559a371ce8cd5c831535a565b4ec6cb98df39c155115dfe3
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
d40995fc69a87b29749ff9335210267f94ccb9973db8482cbf20a9edd58efeca
d417f0122e17643b31b98c9e5966afa5540186f3c68ca38ef6294835a75b0638
d7617571fd46a328e5dd9780f782307f0af41980db668891ee4db50869182f1e
da0635c78cae58147093055d0e0c5f90c42f3f31833c35848d66b640617fcd8f
e17c59b9d678fb7b2f11f70dfd2bab0030b79a2383d4838c9660389013d00a82
ec7e4fe6a472685df241e7c4ec62adacf222573828d1161787a087b4020e4d58
ed961b09843cc616b3e4354cc0450de805a23d4a97768b0ce992817d916b8da5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e959203bc406b4698a4388ad51464d9ee2c5ff7b4011f332b7d88c6ce5dab8
f81d12a773a4160e77844fb1b786c4b50c185b4f95b120a75bae280918d8aaf2

discuss.hashicorp.com Open in urlscan Pro 2602:fd3f:3:ff02::2b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

100 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

1393 kBTransfer

6655 kBSize

3 Cookies

3 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

discuss.hashicorp.com Open in urlscan Pro
2602:fd3f:3:ff02::2b Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

1393 kB
Transfer

6655 kB
Size

3
Cookies

72 HTTP transactions
2 data transactions