falconexperience.crowdstrike.com Open in urlscan Pro
2a04:4e42:600::740  Public Scan

URL: https://falconexperience.crowdstrike.com/login/
Submission Tags: falconsandbox
Submission: On December 06 via api from US

Summary

This website contacted 12 IPs in 6 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2a04:4e42:600::740, located in Ascension Island and belongs to FASTLY, US. The main domain is falconexperience.crowdstrike.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on September 18th 2020. Valid for: a year.
This is the only time falconexperience.crowdstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 65.9.68.19 16509 (AMAZON-02)
2 65.9.68.13 16509 (AMAZON-02)
2 104.111.236.192 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.28.144.124 15224 (OMNITURE)
1 65.9.68.94 16509 (AMAZON-02)
1 52.49.158.250 16509 (AMAZON-02)
28 12
Domain Requested by
13 falconexperience.crowdstrike.com falconexperience.crowdstrike.com
2 munchkin.marketo.net falconexperience.crowdstrike.com
munchkin.marketo.net
2 js.driftt.com falconexperience.crowdstrike.com
js.driftt.com
2 www.google-analytics.com falconexperience.crowdstrike.com
www.google-analytics.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 281-obq-266.mktoresp.com munchkin.marketo.net
1 www.google.de falconexperience.crowdstrike.com
1 www.google.com falconexperience.crowdstrike.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com falconexperience.crowdstrike.com
28 12

This site contains links to these domains. Also see Links.

Domain
na.eventscloud.com
Subject Issuer Validity Valid
falconexperience.crowdstrike.com
DigiCert SHA2 High Assurance Server CA
2020-09-18 -
2021-09-22
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.hotjar.com
Amazon
2020-01-22 -
2021-02-22
a year crt.sh
drift.com
Amazon
2020-09-21 -
2021-10-23
a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2020-03-14 -
2021-04-13
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA
2020-01-17 -
2022-01-21
2 years crt.sh

This page contains 3 frames:

Primary Page: https://falconexperience.crowdstrike.com/login/
Frame ID: 4C02317D1DCC7276F3A9D04CBF14208C
Requests: 26 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 5EA3921CD72638F81C26CAD2B0DCDB89
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 03C7CBE88F6313F4A9A15F718F0DBDE7
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

28
Requests

96 %
HTTPS

45 %
IPv6

9
Domains

12
Subdomains

12
IPs

6
Countries

1059 kB
Transfer

2661 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://falconexperience.crowdstrike.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.4.3 HTTP 302
  • https://falconexperience.crowdstrike.com/login?redirect_url=%2Fwp-content%2Fplugins%2Felasticpress%2Fdist%2Fcss%2Frelated-posts-block-styles.min.css%3Fver%3D3.4.3 HTTP 301
  • https://falconexperience.crowdstrike.com/login/?redirect_url=%2Fwp-content%2Fplugins%2Felasticpress%2Fdist%2Fcss%2Frelated-posts-block-styles.min.css%3Fver%3D3.4.3

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
falconexperience.crowdstrike.com/login/
36 KB
13 KB
Document
General
Full URL
https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32cc96cc05471fdf9718599a48a6ccce31d16a01c3e5ad7c1b67702755855de5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-src https://falconexperience.crowdstrike.com https://video.ibm.com https://js.driftt.com https://vars.hotjar.com https://app-ab01.marketo.com/
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
falconexperience.crowdstrike.com
:scheme
https
:path
/login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
upgrade-insecure-requests; frame-src https://falconexperience.crowdstrike.com https://video.ibm.com https://js.driftt.com https://vars.hotjar.com https://app-ab01.marketo.com/
content-type
text/html; charset=UTF-8
link
<https://falconexperience.crowdstrike.com/wp-json/>; rel="https://api.w.org/" <https://falconexperience.crowdstrike.com/wp-json/wp/v2/pages/533>; rel="alternate"; type="application/json" <https://falconexperience.crowdstrike.com/?p=533>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains max-age=300
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-cp5zk
x-styx-req-id
03554768-3793-11eb-8a62-d6342341302a
age
0
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
x-content-type-options
nosniff
x-xss-protection
1; mode=block
date
Sun, 06 Dec 2020 07:16:52 GMT
x-served-by
cache-mdw17349-MDW, cache-vie21650-VIE, cache-vie21648-VIE, cache-vie21643-VIE
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
x-timer
S1607239012.981898,VS0,VE526
vary
Accept-Encoding, Cookie, Cookie, orig-host
content-length
12314
style.min.css
falconexperience.crowdstrike.com/wp-includes/css/dist/block-library/
53 KB
10 KB
Stylesheet
General
Full URL
https://falconexperience.crowdstrike.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
content-length
9846
x-xss-protection
1; mode=block
x-served-by
cache-mdw17354-MDW, cache-vie21638-VIE, cache-vie21629-VIE, cache-vie21643-VIE
last-modified
Sun, 06 Dec 2020 01:43:41 GMT
server
nginx
x-timer
S1607239013.529584,VS0,VE211
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
Accept-Encoding, orig-host
content-type
text/css
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Tue, 07 Dec 2021 07:16:52 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fcc374d-d293"
accept-ranges
bytes
x-styx-req-id
03a942fe-3793-11eb-8a62-d6342341302a
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-cp5zk
/
falconexperience.crowdstrike.com/login/
Redirect Chain
  • https://falconexperience.crowdstrike.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.4.3
  • https://falconexperience.crowdstrike.com/login?redirect_url=%2Fwp-content%2Fplugins%2Felasticpress%2Fdist%2Fcss%2Frelated-posts-block-styles.min.css%3Fver%3D3.4.3
  • https://falconexperience.crowdstrike.com/login/?redirect_url=%2Fwp-content%2Fplugins%2Felasticpress%2Fdist%2Fcss%2Frelated-posts-block-styles.min.css%3Fver%3D3.4.3
0
0

styles.css
falconexperience.crowdstrike.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.2
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
2058393
x-cache
HIT, MISS, MISS, MISS
x-cache-hits
1, 0, 0, 0
content-length
782
x-xss-protection
1; mode=block
x-served-by
cache-mdw17320-MDW, cache-vie21650-VIE, cache-vie21623-VIE, cache-vie21643-VIE
last-modified
Wed, 11 Nov 2020 20:34:08 GMT
server
nginx
x-timer
S1607239013.529717,VS0,VE132
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
Accept-Encoding, orig-host
content-type
text/css
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Sat, 13 Nov 2021 11:30:19 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fac4ac0-780"
accept-ranges
bytes
x-styx-req-id
719224ab-24da-11eb-8b2a-1a2cb58d7ec8
x-pantheon-styx-hostname
styx-fe2-a-d785fd5c9-fzgms
main.css
falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/
200 KB
40 KB
Stylesheet
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b2998448d89dae71f30370465f295e15d57ca32445a3c56281aa94fcadd872c4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
content-length
40512
x-xss-protection
1; mode=block
x-served-by
cache-mdw17333-MDW, cache-vie21635-VIE, cache-vie21646-VIE, cache-vie21643-VIE
last-modified
Sat, 05 Dec 2020 22:35:50 GMT
server
nginx
x-timer
S1607239013.529708,VS0,VE159
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
Accept-Encoding, orig-host
content-type
text/css
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Tue, 07 Dec 2021 07:16:52 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fcc0b46-31fb7"
accept-ranges
bytes
x-styx-req-id
03a92b8c-3793-11eb-8b5e-ae7424a480af
x-pantheon-styx-hostname
styx-fe2-a-86b67549cd-5s222
jquery.js
falconexperience.crowdstrike.com/wp-includes/js/jquery/
95 KB
39 KB
Script
General
Full URL
https://falconexperience.crowdstrike.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
639276
x-cache
HIT, HIT, MISS, MISS
x-cache-hits
1, 1, 0, 0
content-length
39399
x-xss-protection
1; mode=block
x-served-by
cache-mdw17359-MDW, cache-vie21637-VIE, cache-vie21632-VIE, cache-vie21643-VIE
last-modified
Sat, 28 Nov 2020 04:02:31 GMT
server
nginx
x-timer
S1607239013.529830,VS0,VE15
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
Accept-Encoding, orig-host
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Mon, 29 Nov 2021 21:42:16 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fc1cbd7-17a69"
accept-ranges
bytes
x-styx-req-id
957f316b-31c2-11eb-9c84-d23e74327512
x-pantheon-styx-hostname
styx-fe2-a-86b67549cd-srlt7
adversary-red-eyes.png
falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/images/shapes/
172 KB
173 KB
Image
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/images/shapes/adversary-red-eyes.png
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94d247291d12b252840910d8ed73a6c85dc016a377616b0ecbf7e25182e0f8fb
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
2749499
x-cache
HIT, HIT, MISS, MISS
x-cache-hits
1, 4, 0, 0
content-length
176117
x-xss-protection
1; mode=block
x-served-by
cache-mdw17328-MDW, cache-vie21642-VIE, cache-vie21628-VIE, cache-vie21643-VIE
last-modified
Tue, 03 Nov 2020 13:04:56 GMT
server
nginx
x-timer
S1607239013.858632,VS0,VE53
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
orig-host
content-type
image/png
x-styx-req-id
56a13e54-1e91-11eb-a11d-7eed1e7dcbbe
expires
Fri, 05 Nov 2021 11:31:53 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
"5fa15578-2aff5"
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe2-a-b54bc866d-9vs57
scripts.js
falconexperience.crowdstrike.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
5 KB
Script
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
content-length
4619
x-xss-protection
1; mode=block
x-served-by
cache-mdw17351-MDW, cache-vie21647-VIE, cache-vie21651-VIE, cache-vie21643-VIE
last-modified
Sun, 06 Dec 2020 06:47:42 GMT
server
nginx
x-timer
S1607239013.753753,VS0,VE162
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
Accept-Encoding, orig-host
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Tue, 07 Dec 2021 07:16:52 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fcc7e8e-3719"
accept-ranges
bytes
x-styx-req-id
03cb2b64-3793-11eb-8a62-d6342341302a
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-cp5zk
app.js
falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/
1 MB
484 KB
Script
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/app.js?ver=1607171038
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6594e4d87c1bd40e2f03cdc3acd182f69a29451b92939f73c9a41cdc7950dc1d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
content-length
494485
x-xss-protection
1; mode=block
x-served-by
cache-mdw17351-MDW, cache-vie21642-VIE, cache-vie21645-VIE, cache-vie21643-VIE
last-modified
Sat, 05 Dec 2020 11:56:00 GMT
server
nginx
x-timer
S1607239013.844798,VS0,VE294
date
Sun, 06 Dec 2020 07:16:53 GMT
vary
Accept-Encoding, orig-host
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Tue, 07 Dec 2021 07:16:52 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fcb7550-173f40"
accept-ranges
bytes
x-styx-req-id
03d956b1-3793-11eb-9f72-a65c33fe9e05
x-pantheon-styx-hostname
styx-fe2-a-86b67549cd-m8bwl
wp-embed.min.js
falconexperience.crowdstrike.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://falconexperience.crowdstrike.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
231693
x-cache
HIT, MISS, MISS, MISS
x-cache-hits
1, 0, 0, 0
content-length
784
x-xss-protection
1; mode=block
x-served-by
cache-mdw17330-MDW, cache-vie21622-VIE, cache-vie21651-VIE, cache-vie21643-VIE
last-modified
Thu, 03 Dec 2020 04:18:25 GMT
server
nginx
x-timer
S1607239013.858527,VS0,VE169
date
Sun, 06 Dec 2020 07:16:53 GMT
vary
Accept-Encoding, orig-host
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Sat, 04 Dec 2021 14:55:20 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fc86711-59a"
accept-ranges
bytes
x-styx-req-id
905946ee-3577-11eb-a295-1a504ac55431
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-ntpxh
wp-emoji-release.min.js
falconexperience.crowdstrike.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://falconexperience.crowdstrike.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS, MISS, MISS
x-cache-hits
0, 0, 0, 0
content-length
5282
x-xss-protection
1; mode=block
x-served-by
cache-mdw17320-MDW, cache-vie21642-VIE, cache-vie21624-VIE, cache-vie21643-VIE
last-modified
Sun, 06 Dec 2020 03:45:55 GMT
server
nginx
x-timer
S1607239013.858617,VS0,VE190
date
Sun, 06 Dec 2020 07:16:53 GMT
vary
Accept-Encoding, orig-host
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
expires
Tue, 07 Dec 2021 07:16:52 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
W/"5fcc53f3-37a6"
accept-ranges
bytes
x-styx-req-id
03e067b2-3793-11eb-a65c-12651cbb9a62
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-bnv7w
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1622
date
Sun, 06 Dec 2020 06:49:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 06 Dec 2020 08:49:50 GMT
hotjar-897373.js
static.hotjar.com/c/
16 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-897373.js?sv=6
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4d4a4e0ca500b88e696f131c6131a3f2a73d5afb6d6af9e075a378e921975afa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 07:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C1
etag
W/8014af06d86314b8ea3ade11a3aa6e97
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
LsnynLiyeiQaZzB9-tjgiZFDkGKiSPv1J0eKN85yHztpdsAG7sMzYw==
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
9d4udx6ceimp.js
js.driftt.com/include/1607239200000/
138 KB
45 KB
Script
General
Full URL
https://js.driftt.com/include/1607239200000/9d4udx6ceimp.js
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036823aa02a9bc4859f15f74aa8fa892b1daae7639c171b255181865830c2830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 07:16:52 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 04 Dec 2020 20:12:33 GMT
server
nginx
etag
W/"0841833c249bb5f56090456e0723d9bf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
XaW4NKwGdEbJBtg-kXtYEbRBTaJgDL1u4hg40EREUqL1SRfh8-oI_w==
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-236-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 06 Dec 2020 07:16:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
font.woff2
falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/src/fonts/NHaasGroteskTXPro-55Rg/
67 KB
68 KB
Font
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/src/fonts/NHaasGroteskTXPro-55Rg/font.woff2
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb6aea40dc7eb3b2126588890cd1bfb79c755ab76f1f262489a69733505bd773
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://falconexperience.crowdstrike.com
Referer
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
913743
x-cache
HIT, HIT, MISS, MISS
x-cache-hits
1, 1, 0, 0
content-length
68760
x-xss-protection
1; mode=block
x-served-by
cache-mdw17369-MDW, cache-vie21644-VIE, cache-vie21625-VIE, cache-vie21643-VIE
last-modified
Wed, 25 Nov 2020 13:38:20 GMT
server
nginx
x-timer
S1607239013.867336,VS0,VE18
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
orig-host
content-type
font/woff2
access-control-allow-origin
*
expires
Fri, 26 Nov 2021 17:27:50 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
"5fbe5e4c-10c98"
accept-ranges
bytes
x-styx-req-id
8abc822c-2f43-11eb-b7e2-b628e15f31f4
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-lk4v5
font.woff2
falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/src/fonts/NHaasGroteskTXPro-75Bd/
68 KB
69 KB
Font
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/src/fonts/NHaasGroteskTXPro-75Bd/font.woff2
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04e2192a794aebf33b4e49d17009c18ad84d78a8b006699b0b03f19ce8ccc912
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://falconexperience.crowdstrike.com
Referer
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
887456
x-cache
HIT, HIT, MISS, MISS
x-cache-hits
1, 1, 0, 0
content-length
69884
x-xss-protection
1; mode=block
x-served-by
cache-mdw17360-MDW, cache-vie21645-VIE, cache-vie21651-VIE, cache-vie21643-VIE
last-modified
Wed, 25 Nov 2020 06:12:35 GMT
server
nginx
x-timer
S1607239013.867408,VS0,VE53
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
orig-host
content-type
font/woff2
access-control-allow-origin
*
expires
Sat, 27 Nov 2021 00:45:56 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
"5fbdf5d3-110fc"
accept-ranges
bytes
x-styx-req-id
bed69077-2f80-11eb-887d-4e57645344c9
x-pantheon-styx-hostname
styx-fe2-b-787ccf59d-wk2mg
Tungsten-Book_Web.woff2
falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/src/fonts/Tungsten/
19 KB
20 KB
Font
General
Full URL
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/src/fonts/Tungsten/Tungsten-Book_Web.woff2
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::740 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77e13a9e7313ac268caeb4e6ffd1165bd36618f7ba19f660d8dc7a4e3483ebe3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://falconexperience.crowdstrike.com
Referer
https://falconexperience.crowdstrike.com/wp-content/themes/crowdstrike/build/main.css?ver=1607171038
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
1726672
x-cache
HIT, MISS, MISS, MISS
x-cache-hits
1, 0, 0, 0
content-length
19726
x-xss-protection
1; mode=block
x-served-by
cache-mdw17353-MDW, cache-vie21638-VIE, cache-vie21637-VIE, cache-vie21643-VIE
last-modified
Mon, 16 Nov 2020 03:41:31 GMT
server
nginx
x-timer
S1607239013.867599,VS0,VE130
date
Sun, 06 Dec 2020 07:16:52 GMT
vary
orig-host
content-type
font/woff2
access-control-allow-origin
*
expires
Wed, 17 Nov 2021 07:39:00 GMT
cache-control
no-cache,must-revalidate,max-age=3600,no-store,private
etag
"5fb1f4eb-4d0e"
accept-ranges
bytes
x-styx-req-id
caebd8ed-27de-11eb-8a8e-3aaee5756814
x-pantheon-styx-hostname
styx-fe2-b-765d589ffd-xrpjk
modules.b95238168e0f39a591d4.js
script.hotjar.com/
221 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.b95238168e0f39a591d4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-897373.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
354aea47aa82c8186cfef1b83949d1170cfbd416b0657680ed6326144956db51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 17:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
134695
x-cache
Hit from cloudfront
content-length
58986
access-control-allow-origin
*
last-modified
Fri, 04 Dec 2020 17:44:00 GMT
etag
"c8a0429ce3ffc814abca813a097a6f33"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
k_raaD964tacW03TvuJZq3WdnJ7kbszT-7eVRVsCQzfXesc1JQPIJw==
collect
www.google-analytics.com/j/
4 B
81 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=264311488&t=pageview&_s=1&dl=https%3A%2F%2Ffalconexperience.crowdstrike.com%2Flogin%2F&ul=en-us&de=UTF-8&dt=Log%20In%20Now!%20-%20Crowdstrike&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1351414687&gjid=1330591263&cid=1860185998.1607239013&tid=UA-25861131-17&_gid=18146097.1607239013&_r=1&_slc=1&z=615495849
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 07:16:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://falconexperience.crowdstrike.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
munchkin.js
munchkin.marketo.net/159/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-236-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 06 Dec 2020 07:16:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Tue, 16 Mar 2021 07:16:52 GMT
collect
stats.g.doubleclick.net/j/
4 B
99 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-25861131-17&cid=1860185998.1607239013&jid=1351414687&gjid=1330591263&_gid=18146097.1607239013&_u=IEBAAEAAAAAAAC~&z=773657443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 06 Dec 2020 07:16:52 GMT
content-type
text/plain
access-control-allow-origin
https://falconexperience.crowdstrike.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25861131-17&cid=1860185998.1607239013&jid=1351414687&_u=IEBAAEAAAAAAAC~&z=1893707298
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 07:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25861131-17&cid=1860185998.1607239013&jid=1351414687&_u=IEBAAEAAAAAAAC~&z=1893707298
Requested by
Host: falconexperience.crowdstrike.com
URL: https://falconexperience.crowdstrike.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 07:16:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
281-obq-266.mktoresp.com/webevents/
2 B
311 B
XHR
General
Full URL
https://281-obq-266.mktoresp.com/webevents/visitWebPage?_mchNc=1607239012988&_mchCn=&_mchId=281-OBQ-266&_mchTk=_mch-crowdstrike.com-1607239012987-54916&_mchHo=falconexperience.crowdstrike.com&_mchPo=&_mchRu=%2Flogin%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 06 Dec 2020 07:16:53 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
e8c4c4dc-51f2-4dfd-83f6-c855e70be7ae
index.html
js.driftt.com/deploy/assets/ Frame 5EA3
0
0
Document
General
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1607239200000/9d4udx6ceimp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://falconexperience.crowdstrike.com/login/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://falconexperience.crowdstrike.com/login/

Response headers

content-type
text/html; charset=utf-8
content-length
894
server
nginx
last-modified
Fri, 04 Dec 2020 20:12:33 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 06 Dec 2020 07:16:53 GMT
etag
"694499f8a321e63200bd60198ab5119e"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
IYWgZ0Y11ArXZcXGnY7Y1fyqMBt7Yns_IIvm2KAV1eIqrQFLFpWNCw==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 03C7
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-897373.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://falconexperience.crowdstrike.com/login/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://falconexperience.crowdstrike.com/login/

Response headers

content-type
text/html
content-length
851
date
Fri, 06 Nov 2020 22:29:56 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Fri, 06 Nov 2020 16:42:59 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9570c3a1725c20e6faed117bbb74223b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
z6RuR296jVJ_B89J_UKKBeDcNcdcDaXqVoY6_XbhFTTb11hl3L7s4A==
age
2537217
visit-data
in.hotjar.com/api/v2/client/sites/897373/
178 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/897373/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b95238168e0f39a591d4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.158.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-158-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://falconexperience.crowdstrike.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 06 Dec 2020 07:16:53 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
falconexperience.crowdstrike.com
URL
https://falconexperience.crowdstrike.com/login/?redirect_url=%2Fwp-content%2Fplugins%2Felasticpress%2Fdist%2Fcss%2Frelated-posts-block-styles.min.css%3Fver%3D3.4.3

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| drift function| driftt object| wpcf7 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| twemoji object| wp object| __core-js_shared__ object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Modernizr function| PlayerAPI object| eventTracking

11 Cookies

Domain/Path Name / Value
falconexperience.crowdstrike.com/ Name: _hjIncludedInSessionSample
Value: 1
.crowdstrike.com/ Name: _hjFirstSeen
Value: 1
falconexperience.crowdstrike.com/ Name: _hjIncludedInPageviewSample
Value: 1
falconexperience.crowdstrike.com/ Name: driftt_aid
Value: e9a52915-4a9c-4f80-b9a7-81f21412b48f
.crowdstrike.com/ Name: _gat
Value: 1
.crowdstrike.com/ Name: _mkto_trk
Value: id:281-OBQ-266&token:_mch-crowdstrike.com-1607239012987-54916
.crowdstrike.com/ Name: _hjTLDTest
Value: 1
.crowdstrike.com/ Name: _gid
Value: GA1.2.18146097.1607239013
.crowdstrike.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.crowdstrike.com/ Name: _hjid
Value: f1c13ab8-a466-45bb-aaf0-066ddd329723
.crowdstrike.com/ Name: _ga
Value: GA1.2.1860185998.1607239013

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; frame-src https://falconexperience.crowdstrike.com https://video.ibm.com https://js.driftt.com https://vars.hotjar.com https://app-ab01.marketo.com/
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

281-obq-266.mktoresp.com
falconexperience.crowdstrike.com
in.hotjar.com
js.driftt.com
munchkin.marketo.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
falconexperience.crowdstrike.com
104.111.236.192
192.28.144.124
2a00:1450:4001:802::2004
2a00:1450:4001:817::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c02::9c
2a04:4e42:600::740
52.49.158.250
65.9.68.13
65.9.68.19
65.9.68.94
036823aa02a9bc4859f15f74aa8fa892b1daae7639c171b255181865830c2830
04e2192a794aebf33b4e49d17009c18ad84d78a8b006699b0b03f19ce8ccc912
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
32cc96cc05471fdf9718599a48a6ccce31d16a01c3e5ad7c1b67702755855de5
354aea47aa82c8186cfef1b83949d1170cfbd416b0657680ed6326144956db51
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4d4a4e0ca500b88e696f131c6131a3f2a73d5afb6d6af9e075a378e921975afa
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
6594e4d87c1bd40e2f03cdc3acd182f69a29451b92939f73c9a41cdc7950dc1d
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
77e13a9e7313ac268caeb4e6ffd1165bd36618f7ba19f660d8dc7a4e3483ebe3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
94d247291d12b252840910d8ed73a6c85dc016a377616b0ecbf7e25182e0f8fb
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2998448d89dae71f30370465f295e15d57ca32445a3c56281aa94fcadd872c4
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb6aea40dc7eb3b2126588890cd1bfb79c755ab76f1f262489a69733505bd773