awakesecurity.com Open in urlscan Pro
104.26.14.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3
Effective URL:
https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075...
Submission: On May 14 via api (May 14th 2021, 12:07:38 am UTC) from SG

Summary HTTP 86 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 35 domains to perform 86 HTTP transactions. The main IP is 104.26.14.86, located in United States and belongs to CLOUDFLARENET, US. The main domain is awakesecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.

This is the only time awakesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
17	104.26.14.86 104.26.14.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	68.232.35.12 68.232.35.12	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	18.130.127.114 18.130.127.114	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.99.251.246 167.99.251.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.121.124.121 3.121.124.121	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	35.177.228.44 35.177.228.44	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
86	36

2 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.26.14.86 (United States)

ASN13335 (CLOUDFLARENET, US)

awakesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.12 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.130.127.114 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

hubspot.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.99.251.246 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.124.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

img.blindspot.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.228.44 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

x.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	awakesecurity.com awakesecurity.com	445 KB
7	google-analytics.com www.google-analytics.com	54 KB
5	google.de www.google.de	316 B
5	google.com www.google.com	341 B
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
5	gstatic.com fonts.gstatic.com	110 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	optimonk.com front.optimonk.com	14 KB
3	clearbit.com hubspot.clearbit.com x.clearbit.com ga.clearbit.com	8 KB
3	bizible.com cdn.bizible.com	34 KB
2	nr-data.net bam.nr-data.net	459 B
2	hubspot.com track.hubspot.com	755 B
2	facebook.com www.facebook.com	367 B
2	facebook.net connect.facebook.net	96 KB
2	cookielaw.org cdn.cookielaw.org	22 KB
2	youtube.com www.youtube.com	43 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	3 KB
1	twitter.com analytics.twitter.com	280 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	onetrust.com geolocation.onetrust.com	136 B
1	jquery.com code.jquery.com	30 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hs-banner.com js.hs-banner.com	14 KB
1	t.co t.co	165 B
1	blindspot.ai img.blindspot.ai	313 B
1	clearbitjs.com x.clearbitjs.com	87 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	hs-scripts.com js.hs-scripts.com	648 B
1	googleadservices.com www.googleadservices.com	14 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	3 KB
1	bizibly.com cdn.bizibly.com	202 B
1	googletagmanager.com www.googletagmanager.com	50 KB
1	hsforms.net js.hsforms.net	135 KB
86	35

	Domain	Requested by
17	awakesecurity.com	go.recordedfuture.com awakesecurity.com
7	www.google-analytics.com	www.googletagmanager.com cdn.bizible.com www.google-analytics.com awakesecurity.com
5	www.google.de	awakesecurity.com
5	www.google.com	awakesecurity.com
5	fonts.gstatic.com	fonts.googleapis.com
4	stats.g.doubleclick.net	cdn.bizible.com
3	front.optimonk.com	go.recordedfuture.com cdn.bizible.com
3	cdn.bizible.com	awakesecurity.com cdn.bizible.com
2	bam.nr-data.net	js-agent.newrelic.com cdn.bizible.com
2	track.hubspot.com
2	www.facebook.com	awakesecurity.com connect.facebook.net
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	go.recordedfuture.com connect.facebook.net
2	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
2	www.youtube.com	awakesecurity.com www.youtube.com
2	fonts.googleapis.com	awakesecurity.com js.hsforms.net
2	go.recordedfuture.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	js-agent.newrelic.com	awakesecurity.com
1	geolocation.onetrust.com	code.jquery.com
1	ga.clearbit.com	www.googletagmanager.com
1	code.jquery.com	cdn.cookielaw.org
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	x.clearbit.com	cdn.bizible.com
1	t.co	awakesecurity.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	awakesecurity.com
1	www.linkedin.com	1 redirects
1	img.blindspot.ai	awakesecurity.com
1	x.clearbitjs.com	go.recordedfuture.com
1	static.ads-twitter.com	go.recordedfuture.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	cdn.bizibly.com	awakesecurity.com
1	hubspot.clearbit.com	awakesecurity.com
1	www.googletagmanager.com	awakesecurity.com
1	js.hsforms.net	awakesecurity.com
86	40

This site contains links to these domains. Also see Links.

Domain
onetrust.com
github.com
www.crowdstrike.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
io.bizible.com DigiCert SHA2 Secure Server CA	`2020-12-14` - `2021-11-15`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
clearbit.com Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2021-04-19` - `2022-05-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
clearbitjs.com Amazon	`2021-02-27` - `2022-03-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
img.blindspot.ai R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-13` - `2022-04-10`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Frame ID: 007DE34CAD5FC4182D4D3B7C8C50E3A5
Requests: 87 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3 Page URL
https://go.recordedfuture.com/events/public/v1/track/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVf... HTTP 307
https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=emai... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

86
Requests

100 %
HTTPS

62 %
IPv6

35
Domains

40
Subdomains

36
IPs

5
Countries

1201 kB
Transfer

3203 kB
Size

11
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://github.com/cobbr/SharpSploit
Title: SharpSploit

Search URL Search Domain Scan URL

URL: https://github.com/adrecon/ADRecon
Title: ADRecon

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/getting-the-bacon-from-cobalt-strike-beacon/
Title: CrowdStrike

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Catching%20the%20White%20Stork%20in%20Flight&url=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&via=AwakeSecurity
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&title=Catching%20the%20White%20Stork%20in%20Flight&summary=Executive%20Summary%20Arista%E2%80%99s%20Awake%20Labs%20team%20responded%20to%20a%20cybersecurity%20incident%20with%20a%20campaign%20that%20has%20been%20active%20since%20at%20least%20October%202020,%20which%20we%20are%20labeling%20Operation%20White%20Stork.%20This%20campaign%20utilized%20multiple%20techniques%20and%20tools%20including%20Cobalt%20Strike%20Beacon,%20the%20MetaSploit%20Framework,%20Mimikatz,%20SharpSploit%20and%20exfiltration%20using%20rclone.%20Awake%E2%80%99s%20analysis%20showed%20that%20the%20[%E2%80%A6]&source=https://awakesecurity.com/
Title: Share

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/kieran-evans-77632427/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/awake-security
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/AwakeSecurity
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AwakeSecurity/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/AwakeSecurity
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3 Page URL
https://go.recordedfuture.com/events/public/v1/track/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3?_ud=af81a612-0bc8-4346-854b-7eb5fe5fdca9&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116994%26time%3D1620950827489%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fblog%252Fcatching-the-white-stork-in-flight%252F%253Futm_source%253Dhs_email%2526utm_medium%253Demail%2526utm_content%253D127075587%2526_hsmi%253D127075587%2526_hsenc%253Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&liSync=true&e_ipv6=AQLWu0HO8ekxbAAAAXloMsf_zVx6A-6u3Kdt9VVIAYq8E0H43_GQqwvDwPpLdh4cs0HnWdqZ

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3
go.recordedfuture.com/e2t/sc2/ 8 KB
2 KB 107ms
105ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:00 GMT
content-type: text/html;charset=utf-8
cf-ray: 64efe24198534c97-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a09cbbcfe00004c97c62f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 27295ab5-dade-4cd2-9ace-fb3683155231
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w%2FbhWDX7l3edj77Gtt4zR9nLtPh6H7kuLklehzWuNCBic8vHJF8pE5qkpP5bliwUEMylGd%2BgV0U6biKj29RXZ7KeymSpt2yxnLATNRjT5Kk1awnzJh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=8fe45bd0695118d29042ea84ec856c461f84f2be-1620950820; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
awakesecurity.com/blog/catching-the-white-stork-in-flight/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3?_ud=af81a612-0bc8-4346-854b-7eb5fe5fdca9&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p
https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_...

104 KB
24 KB

820ms
688ms

Document
text/html

104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd53c9a4f4f15f5f3890b84ec00aa753017c965083d42db419082d38843d28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:method: GET
:authority: awakesecurity.com
:scheme: https
:path: /blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3

Response headers

date: Fri, 14 May 2021 00:07:01 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
cf-edge-cache: cache,platform=wordpress
link: <https://awakesecurity.com/?p=8841>; rel=shortlink
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe4-b-76c58df74-hdmtw
x-styx-req-id: 4e800143-b448-11eb-a7e3-026addf1db83
x-served-by: cache-mdw17354-MDW, cache-lcy19266-LCY
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1620950821.208416,VS0,VE586
vary: Accept-Encoding, Cookie, Cookie
age: 0
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
cf-request-id: 0a09cbc1380000074e8e350000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZYnBdn4QPzUDA3F0umVef4Ne7FTp43SiQmqbB56ywaZqFPdN237vIurRkdi2vlzjjARFBVZNftBnUF9b6eFNQf7mIrtQ%2FtzuzjzxdWKvblljsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64efe24858df074e-LHR
content-encoding: br

Redirect headers

date: Fri, 14 May 2021 00:07:00 GMT
location: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
cf-ray: 64efe242b9b24c97-AMS
link: <https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0a09cbbdb500004c97c13c3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: f0cef7cf-fc69-4d44-9fec-f6ae39d5ed89
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fN4HEf9vIJRlSpORcxiddw7Vi6kHVzWGgItD2TL%2BmEOr5hub8590jEVqr08yGOqJwNHHIDcdAtzKUVacSODjIiSK1rWMeFXj%2BUBardBqU4YtaEUn2Dk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.min.css
awakesecurity.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 104ms
75ms Stylesheet
text/css 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1795210
x-pantheon-styx-hostname: styx-fe4-b-6c5dfb7cc8-dsr58
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc4d90000074ebe9ea000000001
x-served-by: cache-mdw17361-MDW, cache-lcy19242-LCY
last-modified: Mon, 19 Apr 2021 17:21:38 GMT
server: cloudflare
x-timer: S1619155613.856514,VS0,VE90
etag: W/"607dbc22-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zszn4N72jc2BpZbJEkOpEUmvzpld4Cfilt7c53%2BMqu9dhTt80hr4Kbm28y%2FCrZyHHw3FUUTI99aLeQCT0P7JPjTSXsujph6C0rHn7LC8wLONUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 0fdc4bc6-a134-11eb-8bb7-16b0f439e909
expires: Wed, 20 Apr 2022 17:24:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe24e2ded074e-LHR
x-cache-hits: 1, 0

GET
H2 200 awake.css
awakesecurity.com/wp-content/themes/awake19/assets/dist/ 90 KB
15 KB 202ms
174ms Stylesheet
text/css 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

454ce7084cd805d53905210a4bb00b2308c662da3d28847559c01333fda0bbcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-cq94x
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc4da0000074e8e379000000001
x-served-by: cache-mdw17381-MDW, cache-lcy19270-LCY
last-modified: Thu, 13 May 2021 17:49:51 GMT
server: cloudflare
x-timer: S1620950822.130503,VS0,VE95
etag: W/"609d66bf-16675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QEZhjGUPuGwY4O6QhTAMred%2FxPEqhDLjEk3Vtq5NYu9G4ZpQjaURtKRw%2BpE044XA4RhqZ8PiyF9Tnv0FCw3QTuONdWsVyIyVQpzOY%2Bk%2FPuV0vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 8db2c586-b446-11eb-8d48-5639720dfddc
expires: Sat, 14 May 2022 23:54:28 GMT
cache-control: max-age=31622400
cf-ray: 64efe24e2dee074e-LHR
x-cache-hits: 1, 0

GET
H2 200 css
fonts.googleapis.com/ 8 KB
871 B 42ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d45f938ac1b894b34900e11f4143c039c5113c00b8a59f0b55ec2352a15346b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 May 2021 00:07:02 GMT
server: ESF
date: Fri, 14 May 2021 00:07:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 May 2021 00:07:02 GMT

GET
H2 200 jquery.min.js Show response
awakesecurity.com/wp-includes/js/jquery/ 87 KB
30 KB 103ms
76ms Script
application/x-javascript 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1795210
x-pantheon-styx-hostname: styx-fe4-a-68dbfbc774-gmg2b
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 0a09cbc4da0000074ead008000000001
x-served-by: cache-mdw17367-MDW, cache-lcy19230-LCY
last-modified: Wed, 21 Apr 2021 17:17:07 GMT
server: cloudflare
x-timer: S1619155613.868428,VS0,VE2
etag: W/"60805e13-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=40XX6e1s3TEqZAKc2FH5FDVhRxdEKsoPc3nN%2FIePYfTsGbO0w0Doh89AH2rkmcyRuN%2FcqGzTf9aCVASAUuZ9TU3xMyf1GOqNmj%2F5phstcA6Ywg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 59ac1947-a330-11eb-b12d-22e18ff8b3f5
expires: Sat, 23 Apr 2022 06:02:42 GMT
cache-control: max-age=31622400
cf-ray: 64efe24e2df0074e-LHR
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
awakesecurity.com/wp-includes/js/jquery/ 11 KB
4 KB 367ms
340ms Script
application/x-javascript 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-s9ghp
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc4da0000074e9b3cc000000001
x-served-by: cache-mdw17356-MDW, cache-lon4246-LON
last-modified: Wed, 12 May 2021 21:27:38 GMT
server: cloudflare
x-timer: S1620950822.130182,VS0,VE253
etag: W/"609c484a-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U9ib8c886RuHBWk4FKvi63qUIYCLVXzQjaSHboqZ3no99R7vuXkAu7q58A5XfBQ0lRsYIzalRG42b87ZwRbr03eTYs2dXwWUz5jazwx%2BAnXMQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: b8a1f3b5-b41c-11eb-b76c-dac222b863f2
expires: Sat, 14 May 2022 18:55:01 GMT
cache-control: max-age=31622400
cf-ray: 64efe24e2df1074e-LHR
x-cache-hits: 1, 0

GET
H2 200 gtm4wp-form-move-tracker.js Show response
awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
830 B 96ms
69ms Script
application/x-javascript 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.12.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.12.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1795210
cf-polished: origSize=1536
x-pantheon-styx-hostname: styx-fe4-b-6c5dfb7cc8-wrj5v
x-cache: HIT, HIT
cf-bgj: minify
content-encoding: br
cf-request-id: 0a09cbc4da0000074e73942000000001
x-served-by: cache-mdw17343-MDW, cache-lcy19222-LCY
last-modified: Mon, 19 Apr 2021 17:21:27 GMT
server: cloudflare
x-timer: S1619155613.878851,VS0,VE1
etag: W/"607dbc17-600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sCY5Q2NaEwblg%2BcO00%2FLRZu6%2F1rTWrcVko5LAEoKZfqcoeyp88vMMOga2h%2B6%2BPi8LG77Gy5UGnb8VpuJ1bMSDqDbs4Qy%2BSlK4K1uOpC4ZMn23g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 0fd7c4b7-a134-11eb-8677-42fd8e507f15
expires: Wed, 20 Apr 2022 17:24:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe24e2df2074e-LHR
x-cache-hits: 1, 1

GET
H2 200 gtm4wp-youtube.js Show response
awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 6 KB
1 KB 100ms
74ms Script
application/x-javascript 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.12.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

744c9878177e67a6f1e2e63dd8cac38561164bd4337efa970de2ca32473dcb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.12.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1795210
cf-polished: origSize=7296
x-pantheon-styx-hostname: styx-fe4-a-68dbfbc774-gmg2b
x-cache: HIT, HIT
cf-bgj: minify
content-encoding: br
cf-request-id: 0a09cbc4da0000074e650f1000000001
x-served-by: cache-mdw17348-MDW, cache-lon4242-LON
last-modified: Mon, 19 Apr 2021 17:21:27 GMT
server: cloudflare
x-timer: S1619155613.860552,VS0,VE1
etag: W/"607dbc17-1c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9KkEX7wGM291V0RuvEEOlFVkMzlIsUgYPl29x5yoMTcpybuKiN20D56ZGozKJt2J4c83mgRtIADKLgtfSVvk2UP8VLope8Py68yy2b1QnS8gZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 0fdbc6d8-a134-11eb-b12d-22e18ff8b3f5
expires: Wed, 20 Apr 2022 17:24:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe24e2df3074e-LHR
x-cache-hits: 1, 1

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 86 KB
33 KB 207ms
48ms Script
application/x-javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: 1c089f77f3ddbfe385e7976439283a0c61ce2c9f89c30424d31901549150d82f

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 22:41:02 GMT
server: ECS (amb/6BA7)
age: 84342
etag: "f82a59e4c842d71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 33770

GET
H2 200 gray-blade-l.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 2 KB
1 KB 180ms
169ms Image
image/svg+xml 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/gray-blade-l.svg?t=1620949461

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59724cd88aeb9ed1579086352c4eefc048cdc7207c3dbf8c450ac1030cc57d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/img/gray-blade-l.svg?t=1620949461
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-76c58df74-fgsjl
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc6670000074e72bd6000000001
x-served-by: cache-mdw17357-MDW, cache-lon4247-LON
last-modified: Thu, 13 May 2021 17:49:51 GMT
server: cloudflare
x-timer: S1620950823.523718,VS0,VE90
etag: W/"609d66bf-627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=57TKyYXEi93Zz3tpriZQokIFr45sV7xfRrXFOetHJljaIT5pK%2BoSxA473uguensTXRLiVaes6zrVkpSFApgUXzWHzg571bcBfdqmT7i3J1x5JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 14 May 2022 23:56:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe250a88a074e-LHR
x-styx-req-id: cd2a5b0a-b446-11eb-8441-fab11191d2e6
x-cache-hits: 1, 0

GET
H2 200 gray-blade-r.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 2 KB
1 KB 310ms
297ms Image
image/svg+xml 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/gray-blade-r.svg?t=1620949461

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a66b75a0605cde41e287281ecb1232c00ebb98371a0c52b6067d2a5d1fbef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/img/gray-blade-r.svg?t=1620949461
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-chqkw
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc66a0000074e56925000000001
x-served-by: cache-mdw17368-MDW, cache-lon4235-LON
last-modified: Thu, 13 May 2021 17:49:51 GMT
server: cloudflare
x-timer: S1620950823.528680,VS0,VE177
etag: W/"609d66bf-615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ibgn8vpKtIpCJVLI%2FPVMwzqL0LpLwxgZMsCRH051SmLNVRfba04wlpMtli0xo4axtuV36AChyULK4aDu3hI14aAGpXyF2P8Z8dnskkLfQvwN4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 14 May 2022 23:56:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe250a892074e-LHR
x-styx-req-id: cd2a7e7f-b446-11eb-a9c7-a202e499bfd7
x-cache-hits: 1, 0

GET
H2 200 awake-white.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 12 KB
4 KB 189ms
176ms Image
image/svg+xml 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/awake-white.svg?t=1620949461?v2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d088bee0f421a9d84586b4e47c7b43b179d44377f656af2e6e4021d7baceb726

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/img/awake-white.svg?t=1620949461?v2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-cq94x
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc66a0000074e92b8b000000001
x-served-by: cache-mdw17362-MDW, cache-lon4271-LON
last-modified: Thu, 13 May 2021 23:44:21 GMT
server: cloudflare
x-timer: S1620950823.527513,VS0,VE95
etag: W/"609db9d5-2f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LP3yrA76BpHX1PeGo9CuDAzdLSRKci%2FQGJVavgn%2FBznk3S0zoiaGqJ621iO1zllt%2BViQBcu2xko98%2FTYbwdgMSZT6FzWnzfYSJyvOSuv9iqIPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 14 May 2022 23:56:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe250a894074e-LHR
x-styx-req-id: cd2ab777-b446-11eb-8d48-5639720dfddc
x-cache-hits: 1, 0

GET
H2 200 awake.js Show response
awakesecurity.com/wp-content/themes/awake19/assets/dist/ 162 KB
44 KB 228ms
212ms Script
application/x-javascript 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.js?t=1620949461&ver=5.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd4a79ec5ab6b5376f8a4b0db2ef940817ed0354c95d33b4ce47a10da8d747e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/dist/awake.js?t=1620949461&ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-chqkw
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc5c30000074ebc90f000000001
x-served-by: cache-mdw17371-MDW, cache-lon4245-LON
last-modified: Thu, 13 May 2021 23:44:21 GMT
server: cloudflare
x-timer: S1620950822.363831,VS0,VE111
etag: W/"609db9d5-2899c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JqMTLkynQTtUCVY%2FAy%2B8PFQf3jhVved7ZZMWAIDD4PYCLFIRgW0Q7sLM4fjVbt8OqTNdWcaD%2FLAE5c7c7Ge3fCXkxyCjZlvtiTJXwIf%2F7j6k5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 8dcb8f70-b446-11eb-a9c7-a202e499bfd7
expires: Sat, 14 May 2022 23:54:28 GMT
cache-control: max-age=31622400
cf-ray: 64efe24f9f6d074e-LHR
x-cache-hits: 1, 0

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 565 KB
135 KB 231ms
179ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js?ver=5.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c93bea6eb2c5cd796052d336d8f42741459817d0d02ba2c279b0a88691ae8190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 e89d95d090c0c86ecc7b8930e434625d.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a09cbc66600001f51c88d5000000001
last-modified: Tue, 11 May 2021 11:45:33 UTC
server: cloudflare
etag: W/"f01130e2d2ed0b752b178ae3428286fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oYt3XrPR5Fg8EARVHSqb3X8l6Wq1jYot%2BWWQeKj4dRfVovmXNlQq%2FUoWF3ZEG%2FChjCRNkrdZSx9Smxr0k39%2FxXpEJXbhMh7M%2BXUUgAmEUT7WzlFQ7OhDL9B9eA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 2SHDSPDimG87QeZkeFtdSB7nvcQaTAoN
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: EXPIRED
cf-ray: 64efe250a8751f51-FRA
x-amz-cf-id: bhRDNm6td2DolNwx2_tg8ostGlvVkve_V8qy1fWEeUxfVeUkcKJozw==
x-hs-target-asset: FormsNext/static-5.284/bundles/project_with_deps.js

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 41ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc780f71838c63d78cfa8ae427904a2188e4fa1342e2342300c623f6101510b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 14 May 2021 00:07:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
50 KB 44ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6557261d09ccbbbab391ec90631b0fadecd59657988f84e8ab866d6571f1c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50954
x-xss-protection: 0
expires: Fri, 14 May 2021 00:07:02 GMT

GET
H2 200 awake-blue.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 14 KB
5 KB 81ms
76ms Image
image/svg+xml 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/awake-blue.svg?v2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad7be1450b1857107cbdaf03fd3e1c23c864d10c3c5c842454fdefc6f2ee58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/img/awake-blue.svg?v2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1795209
x-pantheon-styx-hostname: styx-fe4-a-68dbfbc774-s5ggt
x-cache: HIT, MISS
content-encoding: br
cf-request-id: 0a09cbc67c0000074e6ca74000000001
x-served-by: cache-mdw17364-MDW, cache-lon4263-LON
last-modified: Wed, 21 Apr 2021 17:17:05 GMT
server: cloudflare
x-timer: S1619155613.102907,VS0,VE88
etag: W/"60805e11-36cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6pJkI5W3L55x31R5IHgHOdSqW667q4Qzln%2B2hX388hrU%2FyF7EdRbPRD04fMwcJ4JHQq%2FEcggRPsSVCUWGNPdWlqfi509Lu%2FdyG0H89u14%2FI1Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 23 Apr 2022 02:38:24 GMT
cache-control: max-age=31622400
cf-ray: 64efe250c8aa074e-LHR
x-styx-req-id: cf2e458c-a313-11eb-b448-aa0a7604e8cd
x-cache-hits: 1, 0

GET
H2 200 cta-link-arrowhead.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 204 B
607 B 69ms
68ms Image
image/svg+xml 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/cta-link-arrowhead.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

827ad877bc995d3249dc37ce07b933b5783ee4a2cabf7ca9d6636b6e759ec50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/img/cta-link-arrowhead.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:02 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1795209
x-pantheon-styx-hostname: styx-fe4-a-68dbfbc774-gmg2b
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 0a09cbc7230000074e4329e000000001
x-served-by: cache-mdw17341-MDW, cache-lcy19227-LCY
last-modified: Mon, 19 Apr 2021 17:21:37 GMT
server: cloudflare
x-timer: S1619155613.114265,VS0,VE1
etag: W/"607dbc21-cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MPF7LgypDZrhWk6K6KS53EI8Pk0kHQiFSX3ztBjA3aaaWoZDpliSNpJIXsvOe6kGCe9gG5z5UoKrhftJm3ndY6gBdsIaP4hr9gfKbaDzQ2eOrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 20 Apr 2022 17:57:14 GMT
cache-control: max-age=31622400
cf-ray: 64efe251d9ad074e-LHR
x-styx-req-id: ac04923a-a138-11eb-b12d-22e18ff8b3f5
x-cache-hits: 1, 1

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 22ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://awakesecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 23:40:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 260764
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Tue, 10 May 2022 23:40:58 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 70ms
61ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://awakesecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 00:17:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 258560
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Wed, 11 May 2022 00:17:42 GMT

GET
H3-29 200 OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2
fonts.gstatic.com/s/quattrocento/v12/ 35 KB
35 KB 153ms
145ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocento/v12/OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

739f71b3b5d16fa62d7df8dd268821ee0ef4342f164e98cfcbabf470284f2abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://awakesecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 00:50:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:18:55 GMT
server: sffe
age: 256613
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36052
x-xss-protection: 0
expires: Wed, 11 May 2022 00:50:09 GMT

GET
H3-29 200 JTUPjIg1_i6t8kCHKm459WxZYgzz_PZw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 153ms
145ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8bc347505ebacb1141ff2b952479b1beacfe943752cbe90aa396fe0500fbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://awakesecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 10:45:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:37 GMT
server: sffe
age: 48106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19388
x-xss-protection: 0
expires: Fri, 13 May 2022 10:45:16 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 122ms
32ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://awakesecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 180170
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 11 May 2022 22:04:12 GMT

GET
H2 200 operation-white-stork-incident-response-timeline.png
awakesecurity.com/wp-content/uploads/2021/05/ 52 KB
52 KB 210ms
209ms Image
image/png 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/operation-white-stork-incident-response-timeline.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25a07abea29fb732abbcadbc34d98aff95a4629359c7201e5fe265a41f8a419

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/uploads/2021/05/operation-white-stork-incident-response-timeline.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:03 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-s9ghp
x-cache: HIT, MISS
strict-transport-security: max-age=300
content-length: 52986
cf-request-id: 0a09cbcaf10000074e4282f000000001
x-served-by: cache-mdw17323-MDW, cache-lon4253-LON
last-modified: Thu, 13 May 2021 21:44:54 GMT
server: cloudflare
x-timer: S1620950824.684317,VS0,VE107
etag: "609d9dd6-cefa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h33koL1ucWWdLrjlxJ4Hadbw9%2Bbq7DD5NgkcNW2hTOU%2BX%2Fl7Dca7LEBmU3rhluvkivxa4lx36AwxTU6KFS9lh0CuYX2V0FnWjCv%2B9sCmoQN1yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 7d3f777a-b434-11eb-b76c-dac222b863f2
expires: Sat, 14 May 2022 21:45:09 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 64efe257eecd074e-LHR
x-cache-hits: 1, 0

GET
H2 200 word-image-23.jpeg
awakesecurity.com/wp-content/uploads/2021/05/ 124 KB
125 KB 289ms
288ms Image
image/jpeg 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/word-image-23.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef000116a095a861514ad5de78a59ffd3fea4733bee92e71aacfbb36577001de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/uploads/2021/05/word-image-23.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:03 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-chqkw
x-cache: HIT, MISS
strict-transport-security: max-age=300
content-length: 127303
cf-request-id: 0a09cbcaf20000074e9b00f000000001
x-served-by: cache-mdw17320-MDW, cache-lcy19259-LCY
last-modified: Thu, 13 May 2021 11:12:11 GMT
server: cloudflare
x-timer: S1620950824.697150,VS0,VE182
etag: "609d098b-1f147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GCoHSylnSHrYGf%2Fsubq6Ub52T12P6lW6fLK6PNvay97BtAaID35kZEZxp8Rr9SHBzimTsplOKo4va%2F84W8u8T%2FP4Q2O7mx%2BUMP4NhMx2gNIRKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 2e770315-b3dc-11eb-a9c7-a202e499bfd7
expires: Sat, 14 May 2022 11:13:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 64efe257eece074e-LHR
x-cache-hits: 1, 0

GET
H2 200 word-image-24.jpeg
awakesecurity.com/wp-content/uploads/2021/05/ 126 KB
127 KB 631ms
630ms Image
image/jpeg 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/word-image-24.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1547a5df4d7720dfbf9fceaac844032e843742b2a471435775e0739409361736

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/uploads/2021/05/word-image-24.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:04 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57ddb7f7f4-chqkw
x-cache: HIT, MISS
strict-transport-security: max-age=300
content-length: 129271
cf-request-id: 0a09cbcaf50000074e9b010000000001
x-served-by: cache-mdw17373-MDW, cache-lcy19277-LCY
last-modified: Thu, 13 May 2021 11:12:18 GMT
server: cloudflare
x-timer: S1620950824.690612,VS0,VE542
etag: "609d0992-1f8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wyoSTNNOdCB3Qvp3UQOaZEkNwhn9%2BXgXBC7abxtB%2FFbNIv95dFS3s%2BoN%2BAA784%2FJiZKcVi5DW51uWJ45x6a4pJNeWQAd5bbOvU1zS1DamlMmaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: 2e78bdd5-b3dc-11eb-a9c7-a202e499bfd7
expires: Sat, 14 May 2022 11:13:01 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 64efe257eed0074e-LHR
x-cache-hits: 1, 0

GET
H2 200 forms.js Show response
hubspot.clearbit.com/v1/forms/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 4 KB
5 KB 1362ms
208ms Script
application/javascript 18.130.127.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hubspot.clearbit.com/v1/forms/pk_eb94a3b23abc2d3ed2b6bf58e9046752/forms.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.130.127.114 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

183f21ec916a9534f602c8f870ec31255ea4ab4c21e714947cbd84d896afca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:06 GMT
x-content-type-options: nosniff
server: envoy
content-length: 4337
content-type: application/javascript;charset=utf-8

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/24fb4fc5/www-widgetapi.vflset/ 120 KB
42 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/24fb4fc5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ab4f87955019376f2eaec5fe15f635dba1966639b7e94c3f8f36cd561d2979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 23:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 00:29:34 GMT
server: sffe
age: 2331
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42902
x-xss-protection: 0
expires: Fri, 13 May 2022 23:28:15 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
327 B 76ms
76ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=941d3728b50b49efa886ab5acf1f45d8&_biz_s=20977b&_biz_l=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&_biz_t=1620950826679&_biz_i=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&_biz_n=0&rnd=942498&cdn_o=a&_biz_z=1620950826717
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:06 GMT
last-modified: Fri, 07 May 2021 01:58:37 GMT
server: ECS (amb/6B75)
age: 598109
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
202 B 76ms
74ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=941d3728b50b49efa886ab5acf1f45d8&_biz_s=20977b&_biz_l=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&_biz_t=1620950826757&_biz_i=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&rnd=950604&cdn_o=a&_biz_z=1620950826757
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:06 GMT
last-modified: Fri, 07 May 2021 00:55:25 GMT
server: ECS (amb/6B97)
age: 601902
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 552bf00a-3b99-46d5-ab7b-f3e36e880305 Show response
forms.hsforms.com/embed/v3/form/3455675/ 11 KB
3 KB 154ms
130ms Script
application/javascript 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbd1b86a4f65d1d943c40ea71e8666b3de4e0ce36502dcd370de944265030f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: b4a8b30e-d8ee-4496-a443-6ba244a4919a
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a09cbd81300001762c83ff000000001
server: cloudflare
x-trace: 2B48E9207212604A6C3A459C46420FAFFA0F0AB0CD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 64efe26ce84f1762-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 65ms
0ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6015
date: Thu, 13 May 2021 22:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 14 May 2021 00:26:52 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 65ms
44ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 00:07:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=16108
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 96ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 May 2021 00:07:07 GMT

GET
H2 200 3455675.js Show response
js.hs-scripts.com/ 991 B
648 B 515ms
448ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3455675.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1491f4ebb90c15f5cda35d273eca6cd18bce594c92015b96936a26ee3c0a3ef4

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 6ebaa772-051c-4163-a7c0-fe25b310d47c
cf-request-id: 0a09cbd89d0000c2f9de112000000001
server: cloudflare
x-trace: 2BA9DE95D4BAB6E3CA35E0EC8E695D936E220173AF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 64efe26dcba7c2f9-FRA
expires: Fri, 14 May 2021 00:08:07 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/37807/js/ 55 KB
13 KB 200ms
58ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/37807/js/preload.js

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a3388c2b5ba30e692518edd87e972cba7424118cbff523c61e45a8cea3e76cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"dcd6-aGlIlPCtPRiFI4hsTifvWRRPhVU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 50621fd8-5485-497f-b48b-9bb066706ccd.js Show response
cdn.cookielaw.org/consent/ 77 KB
16 KB 65ms
0ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/50621fd8-5485-497f-b48b-9bb066706ccd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ea951dfb0c7067f9448a213fd32537e43794e1512e70d12380f8f7c462a0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: GZIP
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LuGmt3HPw7jcbOeea/Aeow==
age: 5561
vary: Accept-Encoding
content-length: 15691
cf-request-id: 0a09cbd89d000005d07c81a000000001
x-ms-lease-status: unlocked
last-modified: Tue, 12 Mar 2019 16:51:34 GMT
server: cloudflare
etag: 0x8D6A70AFC35924B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6c5f6195-d01e-0076-0101-385c5a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64efe26dc92405d0-FRA

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 67ms
1ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 464
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1620950827.185724,VS0,VE0
x-served-by: cache-fra19135-FRA

GET
H2 200 clearbit.js Show response
x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 363 KB
87 KB 514ms
284ms Script
application/javascript 18.130.127.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.127.114 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: ee97d65f5684f079e2578cee924ca539ee9bda02fe2b251326ab6e9f963bc341

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
cache-control: private, max-age=600
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 62ms
0ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: FydN+g10wN6hsIGgnJZw4ETCB9B3RP6M6b8gJ/+8JTKfurm5OGXQ0KcIQnYTUQkTdmLkb42Kk0yzskDk7qsHtQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 May 2021 00:07:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dot.png
img.blindspot.ai/ 68 B
313 B 185ms
43ms Image
image/png 3.121.124.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.blindspot.ai/dot.png?gtmcb=2059449002
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.121.124.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 00:07:07 GMT
Last-Modified: Tue, 23 Apr 2019 16:35:45 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5cbf3ee1-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
543 B 198ms
169ms Script
text/javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=941d3728b50b49efa886ab5acf1f45d8&_biz_h=-1906410348&cdn_o=a&jsVer=4.20.11.13
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 5904021a8a5855998e50ed296c5dc4f2b53a9b2fb9eff8bdbc6cf1286b972b26

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: gzip
server: ECS (amb/6BBB)
etag: 04EA1224
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 214

GET
H3-29 200 524739641515499 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 127ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/524739641515499?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ba8b7103c661883ced307b49494c1894d7d3625ebb58d913310c1ad36bca778

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: o17tICCUzik780inEIenwQr0RLc6M8sSUA+X3QO+S5lnLBIoc4XPFzU58fSlYP22vThn7cQJCMQBeFnokhAq0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 May 2021 00:07:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=209847686&t=pageview&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=58649400&gjid=1624777438&cid=1447950607.1620950827&tid=UA-106883604-1&_gid=434201459.1620950827&_r=1&gtm=2wg5c15XLMPQR&z=53513231

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NDH7TG4&t=gtm2&cid=1447950607.1620950827

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a229e30fe5f24d9fcb727f2c24f78f43cf932cd5d9ec448c810b11ee32d611c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34898
x-xss-protection: 0
expires: Fri, 14 May 2021 00:07:07 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116994%26time%3D1620950827489%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium...

0
72 B

220ms
220ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&liSync=true&e_ipv6=AQLWu0HO8ekxbAAAAXloMsf_zVx6A-6u3Kdt9VVIAYq8E0H43_GQqwvDwPpLdh4cs0HnWdqZ
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:09 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: HP0H7jDGfhYQfiqgLysAAA==

Redirect headers

date: Fri, 14 May 2021 00:07:09 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1620950827489&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&liSync=true&e_ipv6=AQLWu0HO8ekxbAAAAXloMsf_zVx6A-6u3Kdt9VVIAYq8E0H43_GQqwvDwPpLdh4cs0HnWdqZ
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: XOvX2jDGfhagnzgHRCsAAA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842977571/ 3 KB
1 KB 109ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842977571/?random=1620950827497&cv=9&fst=1620950827497&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdd69fc90aaa6107447ec5e7fe8071b48af33a6aa1e2a2d85a7d50ad4865841a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
518 B 67ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

546c9cf28ee399e9811641e9a676a11fa382881a3cc3c5c4dadab2ec9b847c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 May 2021 22:30:37 GMT
server: ESF
date: Fri, 14 May 2021 00:07:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 May 2021 00:07:07 GMT

GET
H2 200 email.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/hubspot-icons/ 584 B
971 B 67ms
67ms Image
image/svg+xml 104.26.14.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/hubspot-icons/email.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.14.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d6781923c1121af3b28d0a2d3c9749620616109cc7a1093901ca62dbf6ee53

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

:path: /wp-content/themes/awake19/assets/img/hubspot-icons/email.svg
pragma: no-cache
cookie: _biz_uid=941d3728b50b49efa886ab5acf1f45d8; _biz_sid=20977b; _biz_nA=1; _gcl_au=1.1.2073531777.1620950827; _biz_pendingA=%5B%5D; _biz_flagsA=%7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%7D; _ga=GA1.2.1447950607.1620950827; _gid=GA1.2.434201459.1620950827; _gat_cb252020=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: awakesecurity.com
referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1620949461&ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1794052
x-pantheon-styx-hostname: styx-fe4-b-6c5dfb7cc8-dsr58
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 0a09cbdadb0000074e93865000000001
x-served-by: cache-mdw17335-MDW, cache-lcy19231-LCY
last-modified: Mon, 19 Apr 2021 17:21:37 GMT
server: cloudflare
x-timer: S1619156776.806432,VS0,VE1
etag: W/"607dbc21-248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xkFUIFijyKfosOCYGYICa242OUr9m5%2F5R%2B%2BRRLDui%2FIVDJjdhqV%2BaOC77hb6REgum%2BUDcxosaeHbpEBMWeuM8%2B%2FhEaoeLPu5Oz3PHwZKWvTmrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 20 Apr 2022 17:57:15 GMT
cache-control: max-age=31622400
cf-ray: 64efe2715ea9074e-LHR
x-styx-req-id: acb35985-a138-11eb-8bb7-16b0f439e909
x-cache-hits: 1, 1

GET
H2 200 adsct
t.co/i/ 43 B
165 B 178ms
176ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ivb&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 14 May 2021 00:07:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7abc9fbb44fb002743b634bfb797f438e889887bd069887c99faa23a3a65cb8a
x-transaction: cf01badf17bb4f3c
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=58649400&gjid=1624777438&_gid=434201459.1620950827&_u=YEBAAEACQAAAAC~&z=1077887559

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 00:07:08 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
front.optimonk.com/error/ 0
233 B 155ms
51ms XHR
text/plain 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/error/log

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

POST
H2 200 log Show response
front.optimonk.com/error/ 0
232 B 106ms
55ms XHR
text/plain 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/error/log

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524739641515499&ev=PageView&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&rl=&if=false&ts=1620950828387&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620950828385.740990421&it=1620950827314&coo=false&exp=l0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 14 May 2021 00:07:08 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
68 B 27ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=58649400&_u=YEBAAEACQAAAAC~&z=1511831541

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=58649400&_u=YEBAAEACQAAAAC~&z=1511831541

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/842977571/ 42 B
69 B 21ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842977571/?random=1620950827497&cv=9&fst=1620950400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&async=1&fmt=3&is_vtc=1&random=4048330950&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/842977571/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842977571/?random=1620950827497&cv=9&fst=1620950400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&async=1&fmt=3&is_vtc=1&random=4048330950&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
x.clearbit.com/v1/ 16 B
327 B 1890ms
209ms XHR
application/json 35.177.228.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clearbit.com/v1/p
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.228.44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 May 2021 00:07:10 GMT
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://awakesecurity.com
access-control-allow-credentials: true
access-control-allow-headers: Authorization, API-Version, Content-Type

GET
H2 200 3455675.js Show response
js.hs-banner.com/ 59 KB
14 KB 480ms
479ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3455675.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89be0693a8dc8b942684c0449102cb34d7264132af2fba417bf54a6b0523fbc7

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: T1W2VVT3PNQW3A87
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: teGSNytJsyBMu+UO01XJInGkxBH/dqK6npYSAe9UIhrGrF+2UANirQd66j+WevuMA+OohHtSEY0=
timing-allow-origin: *
last-modified: Wed, 12 May 2021 19:17:36 GMT
server: cloudflare
etag: W/"43fcaf9524abe3af244c97d5c0852e81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: UhdNB4L5D.EuEDuVRo1ouvOSinPzb.v8
access-control-allow-origin: https://lp.awakesecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0a09cbdee5000097eaee895000000001
cf-ray: 64efe277cf6397ea-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 14 May 2021 00:12:09 GMT

GET
H2 200 3455675.js Show response
js.hs-analytics.net/analytics/1620950700000/ 62 KB
18 KB 160ms
159ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1620950700000/3455675.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cee0ddf32d3767d0ae452c23a172e2928b594eca1904d186780b8baf34a4556

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:08 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XHN431CGEN40EVW4
x-amz-server-side-encryption: AES256
cf-ray: 64efe277cdaa1f3d-FRA
x-amz-id-2: jpR4HW1Xo7gft+ueoXlxCmleObp4z4HCXiYQ3CgFUESuINMbJJSbdTk5Pd2opnAAbDDnH3MPbHg=
last-modified: Wed, 12 May 2021 19:23:39 GMT
server: cloudflare
etag: W/"683970de774c8521997b98e686a2fb8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0a09cbdee200001f3d8cab7000000001
content-type: text/javascript
expires: Fri, 14 May 2021 00:12:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=209847686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aGjAAEADQAAAAC~&jid=28382338&gjid=1842106071&cid=1447950607.1620950827&tid=UA-106883604-1&_gid=206258363.1620950829&_r=1&_slc=1&cd15=company&cd2=Spark%20Solutions&cd3=sparksolutions.co&cd6=11-50&cd5=Internet%20Software%20%26%20Services&cd13=google_apps%2Ccloud_flare%2Crecaptcha%2Cwordpress%2Cslack%2Camazon_s3%2Cgoogle_maps%2Ctwitter_button%2Cfacebook_advertiser%2Cgoogle_analytics%2Cgoogle_tag_manager%2Catlassian_jira%2Crabbitmq%2Cgithub%2Cmongodb%2Cpivotal_tracker%2Csalesforce%2Cpostgresql%2Ctrello%2Cmysql&cd4=Internet%20Software%20%26%20Services&cd8=2138470&cd9=Warszawa&cd10=mazowieckie&cd11=PL&z=582889102

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/4.6.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 38ms
29ms Stylesheet
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/skins/4.6.0/default_flat_bottom_two_button_black/v2/css/optanon.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/50621fd8-5485-497f-b48b-9bb066706ccd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 May 2021 00:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jzLE25vmrDR3ZmMxTSa8+w==
age: 6257
vary: Accept-Encoding
content-length: 5556
cf-request-id: 0a09cbdf63000005d082019000000001
x-ms-lease-status: unlocked
last-modified: Thu, 19 Sep 2019 20:24:34 GMT
server: cloudflare
etag: 0x8D73D3F62D46589
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a92307ec-f01e-00e9-6ffe-3424e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64efe27899c305d0-FRA

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 21ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/50621fd8-5485-497f-b48b-9bb066706ccd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://awakesecurity.com
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:08 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1620950828.dop245.fr8.t,1620950828.cds277.fr8.hn,1620950828.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

POST
H2 200 /
www.facebook.com/tr/ 0
108 B 7ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVWIBVjrpAC4F8GZK

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 14 May 2021 00:07:09 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 ga.js Show response
ga.clearbit.com/v1/ 6 KB
2 KB 279ms
266ms Script
application/javascript 18.130.127.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.clearbit.com/v1/ga.js?authorization=pk_eb94a3b23abc2d3ed2b6bf58e9046752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.127.114 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 512c1e18371d15f94439c228356e7eea5a6bbf7579964b279614c351077286fb

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:09 GMT
content-encoding: gzip
server: envoy
x-api-version: 2019-12-19
x-account-id: 85746c66-8dc1-4570-a5f6-b04cdecd3885
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 94ms
76ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=28382338&gjid=1842106071&_gid=206258363.1620950829&_u=aGjAAEADQAAAAC~&z=1813522432

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 00:07:10 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
136 B 178ms
15ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery33107756719214388204_1620950830520&_=1620950830521

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 64efe28459df4ec7-FRA
content-length: 32
cf-request-id: 0a09cbe6b700004ec74cbfd000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
30 B 36ms
36ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=209847686&t=event&ni=1&_s=2&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHjAAEADQAAAAC~&jid=1414225444&gjid=945802270&cid=1447950607.1620950827&tid=UA-106883604-1&_gid=434201459.1620950827&_r=1&gtm=2wg5c15XLMPQR&cd2=Spark%20Solutions&cd3=sparksolutions.co&cd6=11-50&cd5=Internet%20Software%20%26%20Services&cd13=google_apps%2Ccloud_flare%2Crecaptcha%2Cwordpress%2Cslack%2Camazon_s3%2Cgoogle_maps%2Ctwitter_button%2Cfacebook_advertiser%2Cgoogle_analytics%2Cgoogle_tag_manager%2Catlassian_jira%2Crabbitmq%2Cgithub%2Cmongodb%2Cpivotal_tracker%2Csalesforce%2Cpostgresql%2Ctrello%2Cmysql&cd4=Internet%20Software%20%26%20Services&cd8=2138470&cd9=Warszawa&cd11=PL&cd1=company&cd12=48&cd7=%241M-%2410M&z=1402261154

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
30 B 104ms
88ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=209847686&t=event&ni=1&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHjAAEADQAAAAC~&jid=828030917&gjid=134400337&cid=1447950607.1620950827&tid=UA-106883604-1&_gid=434201459.1620950827&_r=1&gtm=2wg5c15XLMPQR&cd2=Spark%20Solutions&cd3=sparksolutions.co&cd6=11-50&cd5=Internet%20Software%20%26%20Services&cd13=google_apps%2Ccloud_flare%2Crecaptcha%2Cwordpress%2Cslack%2Camazon_s3%2Cgoogle_maps%2Ctwitter_button%2Cfacebook_advertiser%2Cgoogle_analytics%2Cgoogle_tag_manager%2Catlassian_jira%2Crabbitmq%2Cgithub%2Cmongodb%2Cpivotal_tracker%2Csalesforce%2Cpostgresql%2Ctrello%2Cmysql&cd4=Internet%20Software%20%26%20Services&cd8=2138470&cd9=Warszawa&cd11=PL&cd1=company&cd12=48&cd7=%241M-%2410M&z=2125454992

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 78ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=209847686&t=event&ni=1&_s=2&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20multiple%20techniques%20and%20tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHjAAEADQAAAAC~&jid=&gjid=&cid=1447950607.1620950827&tid=UA-106883604-1&_gid=206258363.1620950829&cd15=company&cd2=Spark%20Solutions&cd3=sparksolutions.co&cd6=11-50&cd5=Internet%20Software%20%26%20Services&cd13=google_apps%2Ccloud_flare%2Crecaptcha%2Cwordpress%2Cslack%2Camazon_s3%2Cgoogle_maps%2Ctwitter_button%2Cfacebook_advertiser%2Cgoogle_analytics%2Cgoogle_tag_manager%2Catlassian_jira%2Crabbitmq%2Cgithub%2Cmongodb%2Cpivotal_tracker%2Csalesforce%2Cpostgresql%2Ctrello%2Cmysql&cd4=Internet%20Software%20%26%20Services&cd8=2138470&cd9=Warszawa&cd10=mazowieckie&cd11=PL&cd1=company&cd12=48&cd7=%241M-%2410M&z=873904669

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 07:33:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59638
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
68 B 85ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=28382338&_u=aGjAAEADQAAAAC~&z=1090292610

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 84ms
22ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=28382338&_u=aGjAAEADQAAAAC~&z=1090292610

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 67ms
51ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/?utm_source=hs_email&utm_medium=email&utm_content=127075587&_hsmi=127075587&_hsenc=p2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: 5WX35NGYGYP5TM9Z
x-cache: HIT
content-length: 11777
x-amz-id-2: n6DIqAFurhBDE4DiFhubCfSiQlApIhdzEkVNPwuZOKYpuUrLroTR9dkR1bHym6QxY7ejN7LATMQ=
x-served-by: cache-hhn4054-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1620950831.109066,VS0,VE0
date: Fri, 14 May 2021 00:07:11 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6617

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
280 B 168ms
153ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ivb&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 14 May 2021 00:07:11 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 442a8e647e5f2f33598d51dd815712a0bae2629a9e3ba0611b8f1860454213d4
x-transaction: 3ac7c45de3445b89
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
364 B 50ms
49ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=552bf00a-3b99-46d5-ab7b-f3e36e880305&fci=1eb712b2-6607-4b7e-83b1-091fc490027a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=3455675&rcu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&pu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&t=Catching+the+White+Stork+in+Flight+with+multiple+techniques+and+tools.&cts=1620950831230&vi=d3d34f15eb4f43d03496216fa25068e8&nc=true&u=52274294.d3d34f15eb4f43d03496216fa25068e8.1620950831106.1620950831106.1620950831106.1&b=52274294.1.1620950831107&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:11 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7580c332-9d57-4867-beef-895fa482427e
cf-ray: 64efe2877e281f39-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0a09cbe8ad00001f39e3240000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7XI8qg9RPviPups3K0tozCr%2B2no%2FdAtRvmI2FvLs3ypQv%2FAB9PbBfMG%2BoabgheJQjbtn2nkLyLm1liR4L4GHN1bhy7lBaSAOr6IBYF3XxAJmhdjPN1VjcBzWG61KCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
391 B 40ms
39ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=3455675&rcu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&pu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&t=Catching+the+White+Stork+in+Flight+with+multiple+techniques+and+tools.&cts=1620950831239&vi=d3d34f15eb4f43d03496216fa25068e8&nc=true&u=52274294.d3d34f15eb4f43d03496216fa25068e8.1620950831106.1620950831106.1620950831106.1&b=52274294.1.1620950831107&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:07:11 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6ae0cccd-02b5-46a2-b36c-e498f6ab17f2
cf-ray: 64efe2877e2b1f39-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0a09cbe8af00001f39b2212000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Cdmw7xpGe8AvNOzBL79VweO5KJ1%2Bzfk2yjkBHE6JW7hkW9kox3k2LpmBAh8DGHlHGK2F%2FUYUodae%2Bjg7tfARdSVpNz%2Bv%2BgaNgRh%2FZVe94QMstN1vT6NGZhe5MHHIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=1414225444&gjid=945802270&_gid=434201459.1620950827&_u=aHjAAEADQAAAAC~&z=1113516892

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 00:07:15 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=828030917&gjid=134400337&_gid=434201459.1620950827&_u=aHjAAEADQAAAAC~&z=593839668

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 00:07:15 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK NRJS-64a4f7ef2e21bc2285c Show response
bam.nr-data.net/1/ 57 B
275 B 2257ms
146ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-64a4f7ef2e21bc2285c?a=406231165&v=1208.49599aa&to=MVUBZRFTXxVSV00PWggfIlIXW14IHERWFUE%3D&rst=15476&ck=1&ref=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&ap=448&be=1751&fe=10806&dc=5582&perf=%7B%22timing%22:%7B%22of%22:1620950820247,%22n%22:0,%22f%22:774,%22dn%22:775,%22dne%22:785,%22c%22:785,%22s%22:810,%22ce%22:907,%22rq%22:907,%22rp%22:1595,%22rpe%22:1787,%22dl%22:1682,%22di%22:5583,%22ds%22:5583,%22de%22:5584,%22dc%22:10807,%22l%22:10807,%22le%22:11224%7D,%22navigation%22:%7B%7D%7D&fp=3428&fcp=3428&at=HRICE1lJTBs%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
68 B 101ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=1414225444&_u=aHjAAEADQAAAAC~&z=297910999

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=1414225444&_u=aHjAAEADQAAAAC~&z=297910999

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
68 B 19ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=828030917&_u=aHjAAEADQAAAAC~&z=1790725507

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
22ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-106883604-1&cid=1447950607.1620950827&jid=828030917&_u=aHjAAEADQAAAAC~&z=1790725507

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 00:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK NRJS-64a4f7ef2e21bc2285c Show response
bam.nr-data.net/events/1/ 24 B
184 B 142ms
142ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-64a4f7ef2e21bc2285c?a=406231165&v=1208.49599aa&to=MVUBZRFTXxVSV00PWggfIlIXW14IHERWFUE%3D&rst=25477&ck=1&ref=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://awakesecurity.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.awakesecurity.com/	1970-01-20 03:01:26	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F%3Futm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D127075587%26_hsmi%3D127075587%26_hsenc%3Dp2ANqtz--5taozyGCcJT1BYldNYIpp40RiA0b5hg-6tM51C_tmbILUvU9ZxicAdX1_sY_z2kygwEcv-_FYMisaNJeEB63Bnhys9A&datestamp=Fri+May+14+2021+02%3A07%3A11+GMT%2B0200+(Central+European+Summer+Time)&version=4.6.0&EU=true&groups=0_64035%3A1%2C1%3A1%2C0_64034%3A1%2C0_64037%3A1%2C2%3A1%2C0_64036%3A1%2C3%3A1%2C0_64031%3A1%2C0_64042%3A1%2C0_64033%3A1%2C4%3A1%2C0_64040%3A1%2C0_64038%3A1%2C0_64043%3A1%2C0_64039%3A1%2C0_64070%3A1%2C0_64041%3A1%2C0_64072%3A1%2C0_64074%3A1%2C0_64032%3A1%2C0_64069%3A1%2C0_64071%3A1%2C0_64073%3A1%2C0_64075%3A1%2C8%3A1
.awakesecurity.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.awakesecurity.com/	1970-01-20 03:37:26	Name: __hstc Value: 52274294.d3d34f15eb4f43d03496216fa25068e8.1620950831106.1620950831106.1620950831106.1
.awakesecurity.com/	1970-01-19 20:25:26	Name: _fbp Value: fb.1.1620950829241.285521276
.awakesecurity.com/	1970-01-19 18:15:52	Name: __hssc Value: 52274294.1.1620950831107
.awakesecurity.com/	1970-01-19 18:15:50	Name: _gat_awake_security___all_website_data_Clearbit Value: 1
.awakesecurity.com/	1970-01-20 03:37:26	Name: hubspotutk Value: d3d34f15eb4f43d03496216fa25068e8
.awakesecurity.com/	1970-01-19 18:17:17	Name: _gid Value: GA1.2.206258363.1620950829
.awakesecurity.com/	1970-01-19 18:15:50	Name: _gat_UA-106883604-1 Value: 1
.awakesecurity.com/	1970-01-19 18:15:50	Name: _gat_cb252020 Value: 1
.awakesecurity.com/	1970-01-20 11:47:02	Name: _ga Value: GA1.2.1447950607.1620950827

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/sc2/Mm-nFbk9JyrW5Z9fw75wmJ_qW8MKQPP5tfVwrW8rPGX_8hhVfHf1KTlgdd3(Line 13) Message: toS
console-api	log	URL: https://awakesecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	(Line 1) Message: Clearbit For HubSpot included more than once
console-api	error	URL: https://front.optimonk.com/public/37807/js/preload.js(Line 115) Message: TypeError: Cannot read property 'getItem' of null [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
awakesecurity.com
bam.nr-data.net
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
front.optimonk.com
ga.clearbit.com
geolocation.onetrust.com
go.recordedfuture.com
googleads.g.doubleclick.net
hubspot.clearbit.com
img.blindspot.ai
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
x.clearbit.com
x.clearbitjs.com
104.244.42.197
104.244.42.3
104.26.14.86
108.174.10.14
142.250.184.226
151.101.114.110
151.101.12.157
162.247.242.19
167.99.251.246
18.130.127.114
199.60.103.254
2001:4de0:ac18::1:a:1b
2606:4700:10::6814:b844
2606:4700::6810:5705
2606:4700::6810:9540
2606:4700::6811:47b0
2606:4700::6811:b849
2606:4700::6811:d4cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a02:26f0:6c00:2b0::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.124.121
35.177.228.44
68.232.35.12
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0bd0bc4edd5e4b256b9c40ce082680ad16a78ac5faf4d3337d39cf9605518bfe
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fd53c9a4f4f15f5f3890b84ec00aa753017c965083d42db419082d38843d28a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
1491f4ebb90c15f5cda35d273eca6cd18bce594c92015b96936a26ee3c0a3ef4
1547a5df4d7720dfbf9fceaac844032e843742b2a471435775e0739409361736
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
183f21ec916a9534f602c8f870ec31255ea4ab4c21e714947cbd84d896afca43
1ad7be1450b1857107cbdaf03fd3e1c23c864d10c3c5c842454fdefc6f2ee58c
1c089f77f3ddbfe385e7976439283a0c61ce2c9f89c30424d31901549150d82f
22ab4f87955019376f2eaec5fe15f635dba1966639b7e94c3f8f36cd561d2979
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
454ce7084cd805d53905210a4bb00b2308c662da3d28847559c01333fda0bbcd
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
512c1e18371d15f94439c228356e7eea5a6bbf7579964b279614c351077286fb
546c9cf28ee399e9811641e9a676a11fa382881a3cc3c5c4dadab2ec9b847c59
5904021a8a5855998e50ed296c5dc4f2b53a9b2fb9eff8bdbc6cf1286b972b26
59724cd88aeb9ed1579086352c4eefc048cdc7207c3dbf8c450ac1030cc57d3b
5a229e30fe5f24d9fcb727f2c24f78f43cf932cd5d9ec448c810b11ee32d611c
5a66b75a0605cde41e287281ecb1232c00ebb98371a0c52b6067d2a5d1fbef48
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
739f71b3b5d16fa62d7df8dd268821ee0ef4342f164e98cfcbabf470284f2abe
744c9878177e67a6f1e2e63dd8cac38561164bd4337efa970de2ca32473dcb3a
7ba8b7103c661883ced307b49494c1894d7d3625ebb58d913310c1ad36bca778
7cee0ddf32d3767d0ae452c23a172e2928b594eca1904d186780b8baf34a4556
827ad877bc995d3249dc37ce07b933b5783ee4a2cabf7ca9d6636b6e759ec50b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
89be0693a8dc8b942684c0449102cb34d7264132af2fba417bf54a6b0523fbc7
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8a8bc347505ebacb1141ff2b952479b1beacfe943752cbe90aa396fe0500fbd9
8dbd1b86a4f65d1d943c40ea71e8666b3de4e0ce36502dcd370de944265030f9
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9dd4a79ec5ab6b5376f8a4b0db2ef940817ed0354c95d33b4ce47a10da8d747e
a2ea951dfb0c7067f9448a213fd32537e43794e1512e70d12380f8f7c462a0c3
a3388c2b5ba30e692518edd87e972cba7424118cbff523c61e45a8cea3e76cc0
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
bc780f71838c63d78cfa8ae427904a2188e4fa1342e2342300c623f6101510b8
c93bea6eb2c5cd796052d336d8f42741459817d0d02ba2c279b0a88691ae8190
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdd69fc90aaa6107447ec5e7fe8071b48af33a6aa1e2a2d85a7d50ad4865841a
d088bee0f421a9d84586b4e47c7b43b179d44377f656af2e6e4021d7baceb726
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d45f938ac1b894b34900e11f4143c039c5113c00b8a59f0b55ec2352a15346b4
d6557261d09ccbbbab391ec90631b0fadecd59657988f84e8ab866d6571f1c0e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e25a07abea29fb732abbcadbc34d98aff95a4629359c7201e5fe265a41f8a419
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee97d65f5684f079e2578cee924ca539ee9bda02fe2b251326ab6e9f963bc341
ef000116a095a861514ad5de78a59ffd3fea4733bee92e71aacfbb36577001de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f7d6781923c1121af3b28d0a2d3c9749620616109cc7a1093901ca62dbf6ee53

awakesecurity.com Open in urlscan Pro 104.26.14.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

62 %IPv6

35 Domains

40 Subdomains

36 IPs

5 Countries

1201 kBTransfer

3203 kBSize

11 Cookies

11 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

awakesecurity.com Open in urlscan Pro
104.26.14.86 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

62 %
IPv6

35
Domains

40
Subdomains

36
IPs

5
Countries

1201 kB
Transfer

3203 kB
Size

11
Cookies

86 HTTP transactions
1 data transactions