www.crowdstrike.com Open in urlscan Pro
2606:4700::6812:d8e1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Submission: On February 26 via api (February 26th 2020, 5:08:27 pm UTC) from US

Summary HTTP 148 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 49 IPs in 7 countries across 43 domains to perform 148 HTTP transactions. The main IP is 2606:4700::6812:d8e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crowdstrike.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 6th 2018. Valid for: 2 years.

This is the only time www.crowdstrike.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	2606:4700::68... 2606:4700::6812:d8e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
11	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.166.11.26 52.166.11.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
3	35.190.114.154 35.190.114.154	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.204.202.10 143.204.202.10	16509 (AMAZON-02) (AMAZON-02)
1	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	95.101.176.176 95.101.176.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:bc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.100.75.224 95.100.75.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1	147.75.32.125 147.75.32.125	54825 (PACKET) (PACKET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:10c... 2a02:26f0:10c:382::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.105.108.194 51.105.108.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.202.73 143.204.202.73	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.133 91.228.74.133	27281 (QUANTCAST) (QUANTCAST)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.33.223.216 185.33.223.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.35.253.41 13.35.253.41	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
1	2600:9000:205... 2600:9000:2057:9c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.223.187.167 35.223.187.167	15169 (GOOGLE) (GOOGLE)
1	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
1	143.204.202.63 143.204.202.63	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.1.63 52.215.1.63	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.202.115 143.204.202.115	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	91.228.74.169 91.228.74.169	27281 (QUANTCAST) (QUANTCAST)
1 7	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
15 18	52.210.243.243 52.210.243.243	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2 2	3.123.244.246 3.123.244.246	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1 2	35.157.121.171 35.157.121.171	16509 (AMAZON-02) (AMAZON-02)
1 2	3.122.47.160 3.122.47.160	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
2 2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
148	49

63 2606:4700::6812:d8e1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.70.206 (United States)

ASN13335 (CLOUDFLARENET, US)

go.crowdstrike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.166.11.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.114.154 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 154.114.190.35.bc.googleusercontent.com

sfc.leadspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-10.fra53.r.cloudfront.net

d12ulf131zb0yj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.93.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-ab01.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bc2 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.75.224 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-224.deploy.static.akamaitechnologies.com

sjrtp-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.105.108.194 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu2.thunderhead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-73.fra53.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.216 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-41.fra6.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

281-obq-266.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.223.187.167 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 167.187.223.35.bc.googleusercontent.com

sfgw.leadspace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.63 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-63.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.1.63 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-1-63.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.115 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-115.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.169 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.210.243.243 (Dublin, Ireland) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-243-243.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.244.246 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-244-246.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.121.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-121-171.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-160.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	crowdstrike.com www.crowdstrike.com go.crowdstrike.com	934 KB
24	adroll.com 15 redirects s.adroll.com d.adroll.com	38 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	97 KB
5	leadspace.com sfc.leadspace.com sfgw.leadspace.com	167 KB
4	google.com cse.google.com www.google.com	101 KB
4	addsearch.com addsearch.com	29 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
3	facebook.com www.facebook.com	512 B
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	facebook.net connect.facebook.net	256 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	73 KB
3	marketo.net munchkin.marketo.net	7 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	552 B
2	openx.net 1 redirects us-u.openx.net	499 B
2	bidswitch.net 1 redirects x.bidswitch.net	913 B
2	3lift.com 1 redirects eb2.3lift.com	737 B
2	outbrain.com 1 redirects sync.outbrain.com	807 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	815 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	7 KB
2	bing.com bat.bing.com	8 KB
2	ipstack.com api.ipstack.com	1 KB
2	google-analytics.com www.google-analytics.com	44 KB
2	marketo.com app-ab01.marketo.com sjrtp-cdn.marketo.com	99 KB
1	rlcdn.com idsync.rlcdn.com	40 B
1	taboola.com trc.taboola.com	240 B
1	pubmatic.com simage2.pubmatic.com	1010 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	quantcount.com rules.quantcount.com	1 KB
1	mktoresp.com 281-obq-266.mktoresp.com	304 B
1	ml-api.io attr.ml-api.io	484 B
1	ml-attr.com 1 redirects s.ml-attr.com	281 B
1	demandbase.com tag.demandbase.com	15 KB
1	thunderhead.com eu2.thunderhead.com	218 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	cloudfront.net d12ulf131zb0yj.cloudfront.net	3 KB
1	jquery.com code.jquery.com	33 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
148	43

	Domain	Requested by
63	www.crowdstrike.com	www.crowdstrike.com ajax.cloudflare.com go.crowdstrike.com
17	d.adroll.com	14 redirects
11	go.crowdstrike.com	www.crowdstrike.com go.crowdstrike.com app-ab01.marketo.com
7	s.adroll.com	1 redirects www.crowdstrike.com s.adroll.com go.crowdstrike.com
4	addsearch.com	ajax.cloudflare.com addsearch.com
3	www.google.com	cse.google.com
3	www.facebook.com	go.crowdstrike.com
3	connect.facebook.net	www.crowdstrike.com connect.facebook.net
3	munchkin.marketo.net	go.crowdstrike.com munchkin.marketo.net www.crowdstrike.com
3	sfc.leadspace.com	go.crowdstrike.com sfc.leadspace.com
3	ajax.googleapis.com	ajax.cloudflare.com go.crowdstrike.com
3	fonts.googleapis.com	www.crowdstrike.com sfc.leadspace.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	segments.company-target.com	1 redirects go.crowdstrike.com
2	match.prod.bidr.io	2 redirects
2	sfgw.leadspace.com	sfc.leadspace.com go.crowdstrike.com
2	px.ads.linkedin.com	1 redirects go.crowdstrike.com
2	secure.adnxs.com	2 redirects
2	bat.bing.com	www.googletagmanager.com go.crowdstrike.com
2	api.ipstack.com	code.jquery.com www.crowdstrike.com
2	www.google-analytics.com	go.crowdstrike.com www.google-analytics.com
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	d.adroll.mgr.consensu.org	1 redirects
1	cse.google.com	www.crowdstrike.com
1	pixel.quantserve.com	go.crowdstrike.com
1	api.company-target.com	tag.demandbase.com
1	vars.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	281-obq-266.mktoresp.com	munchkin.marketo.net
1	attr.ml-api.io	go.crowdstrike.com
1	s.ml-attr.com	1 redirects
1	secure.quantserve.com	www.crowdstrike.com
1	tag.demandbase.com	www.crowdstrike.com
1	eu2.thunderhead.com	www.crowdstrike.com
1	snap.licdn.com	www.crowdstrike.com
1	static.hotjar.com	www.googletagmanager.com
1	sjrtp-cdn.marketo.com	go.crowdstrike.com
1	www.googletagmanager.com	go.crowdstrike.com
1	app-ab01.marketo.com	go.crowdstrike.com
1	d12ulf131zb0yj.cloudfront.net	go.crowdstrike.com
1	code.jquery.com	go.crowdstrike.com
1	ajax.cloudflare.com	www.crowdstrike.com
148	56

This site contains links to these domains. Also see Links.

Domain
www.crowdstrike.fr
www.crowdstrike.de
www.crowdstrike.jp
go.crowdstrike.com
ir.crowdstrike.com
secure.ethicspoint.com
crowdstrike.wd5.myworkdayjobs.com
partner.crowdstrike.com
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.addsearch.com

Subject Issuer	Validity	Valid
www.crowdstrike.com DigiCert SHA2 Extended Validation Server CA	`2018-06-06` - `2020-06-24`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
go.crowdstrike.com CloudFlare Inc ECC CA-2	`2019-07-10` - `2020-07-09`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
www.addsearch.com DigiCert SHA2 Extended Validation Server CA	`2019-01-08` - `2021-04-07`	2 years	crt.sh
*.leadspace.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-11` - `2021-11-10`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
app-ab01.marketo.com CloudFlare Inc ECC CA-2	`2020-01-22` - `2020-10-09`	9 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ipstack.com CloudFlare Inc ECC CA-2	`2020-01-15` - `2020-10-09`	9 months	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2018-12-15` - `2020-03-15`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.thunderhead.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2021-11-16`	2 years	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.ml-api.io Amazon	`2020-02-06` - `2021-03-06`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-13` - `2020-08-11`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-14` - `2020-07-25`	5 months	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Frame ID: 9F937D778CDD8F6D3F834B7CEEB9DC7C
Requests: 73 HTTP requests in this frame

Frame: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Frame ID: 13187F34FA9694FD6118AE0249096285
Requests: 75 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 450946F179F4A77646BE50F353D86888
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
script /jquery\.prettyPhoto\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
script /jquery\.prettyPhoto\.js/i

Page Statistics

148
Requests

100 %
HTTPS

33 %
IPv6

43
Domains

56
Subdomains

49
IPs

7
Countries

1965 kB
Transfer

6625 kB
Size

12
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.crowdstrike.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent.html
Title: start free trial

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/try-falcon-prevent-small-business.html
Title: Small Business Solutions

Search URL Search Domain Scan URL

URL: https://go.crowdstrike.com/symantec-offer.html
Title: Switching From Symantec?

Search URL Search Domain Scan URL

URL: https://ir.crowdstrike.com/
Title: Investors

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.com/domain/media/en/gui/54989/index.html
Title: Code of Ethics/Compliance

Search URL Search Domain Scan URL

URL: https://crowdstrike.wd5.myworkdayjobs.com/crowdstrikecareers
Title: View Open Positions

Search URL Search Domain Scan URL

URL: https://partner.crowdstrike.com/
Title: Partners Login

Search URL Search Domain Scan URL

URL: https://partner.crowdstrike.com/s/login/
Title: Partner Login

Search URL Search Domain Scan URL

URL: https://twitter.com/CrowdStrike

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CrowdStrike/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/crowdstrike/?hl=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/crowdstrike

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/CrowdStrike

Search URL Search Domain Scan URL

URL: http://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcrowdstrike.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcrowdstrike.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dcrowdstrike.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=crowdstrike.com&pId=505895833572884788

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=64444&url=https%3A%2F%2Fwww.crowdstrike.com%2F&time=1582736888196 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D64444%26url%3Dhttps%253A%252F%252Fwww.crowdstrike.com%252F%26time%3D1582736888196%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=64444&url=https%3A%2F%2Fwww.crowdstrike.com%2F&time=1582736888196&liSync=true

Request Chain 111

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAMq1068rUwAABd2Hbv3iA HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAMq1068rUwAABd2Hbv3iA&verifyHash=d96b15183e491518d9c5cf2c62fb8dd513def47e

Request Chain 119

https://s.adroll.com/j/exp/5Q4Q33H4BRCRBAXODNJYP6/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 121

https://d.adroll.mgr.consensu.org/consent/iabcheck/5Q4Q33H4BRCRBAXODNJYP6?_s=1603f29ac9652f547d28bd1b12a5c267&_b=2 HTTP 302
https://d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6/?_s=1603f29ac9652f547d28bd1b12a5c267&_b=2

Request Chain 130

https://d.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&pv=53676361223.76773&cookie=&adroll_s_ref=https%3A//www.crowdstrike.com/&keyw=&arrfrr=https%3A%2F%2Fgo.crowdstrike.com%2FWC2019OverwatchReport_LPDownload21.html HTTP 302
https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

Request Chain 133

https://d.adroll.com/cm/aol/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP9012be0d-58ba-11ea-aafd-02a17f3c404a HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP9012be0d-58ba-11ea-aafd-02a17f3c404a&verify=true

Request Chain 134

https://d.adroll.com/cm/index/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expiration=1614272889 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expiration=1614272889&C=1

Request Chain 135

https://d.adroll.com/cm/n/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expires=365

Request Chain 136

https://d.adroll.com/cm/outbrain/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&rdrctExp=true

Request Chain 137

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 138

https://d.adroll.com/cm/r/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 139

https://d.adroll.com/cm/taboola/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

Request Chain 140

https://d.adroll.com/cm/triplelift/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 141

https://d.adroll.com/cm/b/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

Request Chain 142

https://d.adroll.com/cm/x/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

Request Chain 143

https://d.adroll.com/cm/l/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=6af735f91afac7deadabb37fda713980

Request Chain 144

https://d.adroll.com/cm/o/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6af735f91afac7deadabb37fda713980 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6af735f91afac7deadabb37fda713980

Request Chain 145

https://d.adroll.com/cm/g/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=avc1-Rr6x96tq7N_2nE5gA HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=avc1-Rr6x96tq7N_2nE5gA&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

148 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/ 65 KB
13 KB 171ms
76ms Document
text/html 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8194edd0b1baf83858f7dacd0206f65f2b6f3a10a6edef4ae58cc25e94727d8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.crowdstrike.com
:scheme: https
:path: /resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 26 Feb 2020 17:08:06 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d0eb649afbf8fef2fb43bd0313909ec231582736886; expires=Fri, 27-Mar-20 17:08:06 GMT; path=/; domain=.crowdstrike.com; HttpOnly; SameSite=Lax; Secure
cf-ray: 56b384e5de4164cd-FRA
access-control-allow-origin: https://www.crowdstrike.jp
age: 3618
cache-control: public, max-age=3600
expires: Wed, 26 Feb 2020 21:08:06 GMT
last-modified: Thu, 20 Feb 2020 20:44:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ae3e6ab763f755c867a3b493d306312c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-amz-cf-id: bKpUAElH14ISkiq5ZTcRyt0jYZ7KmXog6fPxLHQP7so38Kq9BQzR-w==
x-amz-cf-pop: FRA53
x-amz-version-id: .EoZLPrIbgpymTqxHyB5CyhCQs4WQKnA
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br

GET
H2 200 crowdstrike-fonts.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/ 19 KB
4 KB 61ms
53ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/crowdstrike-fonts.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e98db8f0cd60d4ee378438d39ef0c7e735f2c2c4f638f8e4842564927602e304

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=22106
cf-ray: 56b384e69ecf64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:21 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"39a81f672ec495a80c4c52e22e6b9303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: LOOCLIbc.Syn9qVirrS6eeEhZbHzTutW
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: AWkRvWZEt_MRtWHecfho9_CegDg4RaODEZro7tccUO2iefJrju0xxg==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-pages.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/ 130 KB
21 KB 84ms
76ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-pages.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

480ee4ac7b19db2474aa0bdf40695264dd231ac2432ad9fa03daa4daacca2a21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: status=cannot_optimize
cf-ray: 56b384e69ed264cd-FRA
x-cache: RefreshHit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"f6e01536fe8820c906f24bc0be6f18d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: puvoQ7ACdhHBix3An87LH4NoTduKls0a
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: 7Va25EKdv5gtHC5DJ4fEKzuVTvh_KRPMA8mxT5WiiwUrKb_HLkISsA==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-components.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/ 12 KB
3 KB 112ms
104ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-components.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa894ab4d5209637ebd77769058ab928b31a157a6e0934a396f4ed47d16aee4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2234
cf-polished: origSize=15372
cf-ray: 56b384e69ed464cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"c6eeff82db81da270fcdae8c7df4507f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: ELyth_VlsR1aYKUXuaCylqsm.iziZheT
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: R1gfziqoGbE1OTvtp8Ixj99ZJ7_Xc8TUE_6P1qp6gZoxbL4511lX7w==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-header-footer.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/ 22 KB
5 KB 87ms
80ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-header-footer.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e172a52cfd5eb5fa71a0ad9c932589cca2ef24e74996f064773d01558bc02d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=28875
cf-ray: 56b384e69ed564cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"dbc0f8a5c29f2aa19f3a781c6e490b53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: L_Ix3f4PNOJ1w7bPrn5hdy17SCRkTpeg
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: SVzcNTSRG_9WbElix4WXRU5JD0IywzxJ9peoaS9WcUEhU_S_IoYY3A==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-resources.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/ 35 KB
6 KB 59ms
53ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-resources.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188db31839e8c1251d3020ed80245f15a422fdc60e8621fb7e921f4a7b2697df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=47175
cf-ray: 56b384e69eda64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"b62adeee8947a31599c3ba769041a632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: jnpeyS1ltFY74vO.9MUpK.3rOGgtjPIU
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: J-Q7hGSIrPIJQzbnb5QZwSasX0qaGC4u19JnOSH3o0GCDX0jp628dg==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-fonts.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/ 21 KB
3 KB 90ms
84ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-fonts.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9393dfa11f9bf5556a437e9a2c159ee1e5d4d5f0c86a3d1f1528f5be8bb00a69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=22895
cf-ray: 56b384e69edb64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"ad837ec5d508277da47388ff7f7ea6c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: _9szodB27djcSRKUZZW0rir3n38WjuLt
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: 3EmB2bZDM323AR299a4b8BfByY9OEgG8oq_RFmzLV-iOcv786DFXMA==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-base.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/ 18 KB
4 KB 67ms
61ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-base.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8975089ce6594c29c7ce3b0f8083ae80c9ca03c96fa3c7e4f70e427fa427a07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=23640
cf-ray: 56b384e69edc64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"bc17cea379fbcb05a0081c3be691c093"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: fMNnttwMgCXmCYC_E9QiBKzu77eSeqS6
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: tnKsGC1tDBmKg6x1QqeFSdlxp8keEDltE4MqXnMo6Fha-FKOzpzABQ==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 js_composer.min.css
www.crowdstrike.com/resources/wp-content/plugins/js_composer/assets/css/ 711 KB
54 KB 99ms
93ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.11.2.1

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eb8b0b461886b58a6d7a704ffc72912c4268363deecd5c963ed266c0fd709fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e69edd64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:49 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"75524a37b1fdfa976ca2a302619812ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 5w6JEN5KRPPUaT2nzo1eZWpzHVaAd5eD
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: UjYrCMiHsEKlAiTZSZaH55E4OQsoNnkvyzfctUDiDMEBrvErUuZi4w==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 style.min.css
www.crowdstrike.com/resources/wp-includes/css/dist/block-library/ 25 KB
4 KB 108ms
101ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-includes/css/dist/block-library/style.min.css?ver=5.0.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e69ede64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:29:58 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"eb1a96949e0ea0d08033d3f941bf1f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: ZbdZJz_6eqnx2TJKhitLNcQqjk7Vb.eh
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: YLGlrUokXqGnVArBarxpUSLBPKQLaql3KJYyAh1tnIyKGEgPe8mnww==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 settings.css
www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/css/ 24 KB
5 KB 106ms
100ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.0.9.1

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77f6968e6f1b1fed1b4c703fea51a7c5666baf2c469a62b1b953cf0bf75d569

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=34095
cf-ray: 56b384e69edf64cd-FRA
x-cache: RefreshHit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:49 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"db8b3df96f51e622970e3f0402e5e287"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 12Y0oimvqmxiZE5H8u3.ozQ1dlEBWqC0
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: PthZfz_rInUVG1YOY-euZ1uhNziDhj6_RsG_3ggQt7cCfpjN0CH9ew==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
600 B 47ms
41ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko%3A300%2C400%2C500&ver=5.0.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10da1f5628d7937bdc03d586f6696982014673a7cccfb9af904eaec424ceddc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 17:08:06 GMT
server: ESF
date: Wed, 26 Feb 2020 17:08:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Feb 2020 17:08:06 GMT

GET
H2 200 style.css
www.crowdstrike.com/resources/wp-content/themes/Total/ 165 KB
28 KB 81ms
75ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/style.css?ver=5.0.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35c5b75710940a4c35bef615dcf18fe3d12ead0a69208bb4858c17ac4fd39c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=207148
cf-ray: 56b384e69ee064cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"75571fba809e72d7746030ac1505232f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: ECL0WGkaoVK88QQlxLF7VOCXnsTTpqHy
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: m_wU6bYkVQYgeGfpEx7K9CbDuWmERo012_QpD3IA5CXX_repXtm3ng==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 prettyPhoto.css
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/ 19 KB
3 KB 57ms
51ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/prettyPhoto.css?ver=5.0.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cfcd969a692602c4acd1285a22163938bea53181ed737341ab036719ce0005c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=19888
cf-ray: 56b384e69ee264cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:13 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"e8d324d0a1c308cc2c9fdddb263223d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: WmfHf7sKbJCxU.FyUmA_RhCQTUCQMteD
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: rc1N332OkfQLf_lQDe-2ukTXygn910jZvwnsgOA6CDs9LrNAuKxPfg==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 crowdstrike-resources.css
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/new-css/ 35 KB
6 KB 106ms
101ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/new-css/crowdstrike-resources.css?ver=5.0.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188db31839e8c1251d3020ed80245f15a422fdc60e8621fb7e921f4a7b2697df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=47175
cf-ray: 56b384e69ee364cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:13 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"b62adeee8947a31599c3ba769041a632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: CgYMxbqPyY7wTITclK2MBgBsq9S5O_e3
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA53-C1
content-type: text/css
x-amz-cf-id: OO47k7bhWjRyP0mA7d-gNeFL1NJgrzfzxg9LEq8Ptd0_n8hnCByYIQ==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 font-awesome.min.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/lib/ 27 KB
6 KB 109ms
104ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/lib/font-awesome.min.css?ver=4.3.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6b47fc2e4648d1f3173437faf2065ecd7cc89142d338151bf0b0c2404b5005

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e69ee464cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"1a2da6a6f65981e490a4baa0b382bd76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: hxnePVv80jd2D7VwQYq0dVBugrPocBVA
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: Fmz6u9p6yxyWtyQnBztYfpuBVBEhq5nOoiLBgG7quZbTv3mezpea2w==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 style.css
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/ 11 KB
3 KB 48ms
42ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/style.css?ver=3.4.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c23f34ab5dd833e83e48b13735ec1e9c7488e9167ce21f5684ceb8a96fad92f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=15643
cf-ray: 56b384e69ee564cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:15 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"88bcc607a8b0240119ae698d163735a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: SduKXfBU9aFfRappBMXXrbtR7JTfjq97
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: AEGh4Ax3uFFOyYKIQRc4ehxLKphUo6_1MfK_zLWJg-xEJ6vmVA7x1Q==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 wpex-visual-composer.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/ 16 KB
3 KB 64ms
59ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/wpex-visual-composer.css?ver=3.4.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ba64d5d6befa797adc2b067a3d18264000514632fe26b538e41ac53b1427ef1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=21996
cf-ray: 56b384e69ee864cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"b5ca5e5714e3c83db89b9fe0f706fb37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 6ovwOLpt24n8.6KQ0eNnRZO72MUQECox
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: Z5x_PIuZ09XuVXkYvPxetWD6u3F-Zp4F5qiMIbUj6-hLpt_LVOeZpg==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 wpex-visual-composer-extend.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/ 26 KB
5 KB 53ms
48ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/wpex-visual-composer-extend.css?ver=3.4.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6acfe3a6177be6a218fdf1798e59451d115fb0ce82e89eb1b3688f3e61654360

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=36514
cf-ray: 56b384e69ee964cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"34cf386947b3c746289c34f47bc78fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: RwIOkbKu1iHBF7CjVrBniebC77ogzahR
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: 8UDJNKB-FrJje6yDjW4uIz2Kv0zij62avhuTua73x5O9phVw3d3tlA==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 wpex-responsive.css
www.crowdstrike.com/resources/wp-content/themes/Total/css/ 13 KB
3 KB 104ms
99ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/wpex-responsive.css?ver=3.4.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584d9561cae38e4b99fdf6bc3911eaf789d12e7b39021930d977258663ae6a46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=18863
cf-ray: 56b384e69eea64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"114aa455cb3d24c0c808366bdae7b2bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: mz0mQcxEc31X65MYC3C.ZSN1XXC_hQ1A
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: I0y6h-VFgXcV8VVfsEGSgaBNXR3Zp-Roew8-LL5Arqc2Nue6Vc1UEg==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 agent-style.css
www.crowdstrike.com/resources/wp-content/themes/Total/skins/classes/agent/css/ 9 KB
2 KB 94ms
89ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/skins/classes/agent/css/agent-style.css?ver=1.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95b980b2ef3a93bdab65089dfabc183007988095794e319ddf99498952a25068

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 3df1d6f6e1999cb29078ddff1a62bd1d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=12517
cf-ray: 56b384e69eeb64cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"40a4e7e73b7b16c096b668fbec6d6e27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: odb_ZDpqa14riD8Z9xNVr0S2qZaSq4UD
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: iqFa1Q_8dnFxGth_TAkMrduueVncZvIDpnbH9DaG8kxYu5PaZokjHw==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 style_fix.css
www.crowdstrike.com/resources/wp-content/themes/Total/ 85 B
323 B 51ms
47ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/style_fix.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892eace985d75c841e262f90367bbbda5ae2c20a686bf34457993b45d8bc86a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=94
cf-ray: 56b384e69eec64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"f1dc49357ddc7cc3c0ab4b90569d4fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: qPnBBjxkOyGkr_AzVdiFb1wwrlYeCfUw
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: 2tlWb6iK91CKfFc7BVFm35MhdtV9HMpHLaHRyXicqKRye4B9wSbixQ==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 style.cs.css
www.crowdstrike.com/resources/wp-content/themes/Total/ 166 KB
23 KB 84ms
79ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6770bee347164c17e9c7d5ee2aa2243e58c7ef6112424aa0dc75aaedc3d7ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=171639
cf-ray: 56b384e69eef64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6f760656701200352ec6b2d1df26e22e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: g7iv5soG_pklj157KXERqhkor6IRp1e.
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: 10KhWDCooS2GIIvB5-6lfLgaJ3sFZYhSSRCIP4EdpX9ZhI4-lXmTIQ==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H2 200 falcon-overwatch-mid-year-report-2019-ipad.jpeg
www.crowdstrike.com/resources/wp-content/uploads/2019/09/ 36 KB
36 KB 203ms
199ms Image
image/jpeg 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/resources/wp-content/uploads/2019/09/falcon-overwatch-mid-year-report-2019-ipad.jpeg

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

426b5498cc22156b7811afcb3dd5770db20bb1ee0fa67985200283db1f5d508e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA50-C1
cf-polished: degrade=85, origSize=166753
x-cache: Miss from cloudfront
status: 200
cf-bgj: imgq:85
vary: Accept-Encoding
content-length: 36436
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:29:55 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: "5523f47e896dfbe2e13f1a6fcadae428"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
x-amz-version-id: 8cnipTwZeuEUBhX0EAw3n5q0EhIzG77D
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 56b384e69ef064cd-FRA
x-amz-cf-id: jTy8z2gR-Ewko-OE09PmpRfxzX8FQw-Lc3sNgRRaYL3JfbQL7ovKxw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
581 B 46ms
42ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin&ver=5.0.3

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

129b362d6e4cf43a5ada8cb4a40f7706b7950cf9601b89c15021c81cea919112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 17:08:06 GMT
server: ESF
date: Wed, 26 Feb 2020 17:08:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Feb 2020 17:08:06 GMT

GET
H2 200 WC2019OverwatchReport_LPDownload21.html Show response
go.crowdstrike.com/ Frame 1318 74 KB
12 KB 549ms
339ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45001bba1f50c74d6fb27cce10d815c9d30e13b6418af474e1758d2cb0ecdd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.crowdstrike.com
:scheme: https
:path: /WC2019OverwatchReport_LPDownload21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.crowdstrike.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d0eb649afbf8fef2fb43bd0313909ec231582736886
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.crowdstrike.com/

Response headers

status: 200
date: Wed, 26 Feb 2020 17:08:07 GMT
content-type: text/html; charset=utf-8
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
vary: *,Accept-Encoding
x-content-type-options: nosniff
x-cache-status: MISS
x-mkto-nginx-cache: true
set-cookie: BIGipServerab01web-nginx-app_https=!ejkq3drgmFU8UB1ybf/nLIVwOTHiDpe91FisggldcAGNfDNa0zP3ejJ/Gf9uZothfUHL4uo/MPHEYgo=;Path=/;Version=1;Secure;Httponly __cf_bm=53fe6065b8b5c2df34888ab5dc2645bd3ff28ef1-1582736887-1800-AcuNFz+xgk2D+zjE6UHbxgTyRg59uuxQ87ZC5u7dU7u6L2UQ02N7i9G5RTP0bRUq/uqxUlaeOUv7i8v4WcutpVY=; path=/; expires=Wed, 26-Feb-20 17:38:07 GMT; domain=.go.crowdstrike.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56b384e7d8869bdf-AMS
content-encoding: gzip

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 44ms
40ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:15:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e4d0ade-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 56b384e69abfc277-FRA
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Fri, 28 Feb 2020 17:08:06 GMT

GET
H2 200 crowdstrike-fonts.css
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/ 19 KB
3 KB 85ms
47ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e98db8f0cd60d4ee378438d39ef0c7e735f2c2c4f638f8e4842564927602e304

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:06 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246
cf-polished: origSize=22106
cf-ray: 56b384e73f6c64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:11 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"39a81f672ec495a80c4c52e22e6b9303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: I3fXRYbt2rAFjPJ_zbs7zyDjNGNGp1Fi
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: ixXZ0OfskDZSXjzc7kgtUXvVNbnImTdTOIeHCUioQUR4vTMBBbNWuQ==
expires: Wed, 26 Feb 2020 21:08:06 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 1 KB
1011 B 155ms
16ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/js/?key=7737a29b854de71521b1cd72c4118cfc

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

50886488d3515d60717c6ae549978d0b5e017d896f0c93dfdb87e084e8e0d480

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive
Content-Length: 730

GET
H2 200 event_tracking.js Show response
www.crowdstrike.com/wp-content/custom_js/ 33 B
271 B 44ms
35ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/event_tracking.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f073dc1cb254257b70f1b55095169fff06c80db72ae13378d8c93948758c7b46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2022
cf-polished: origSize=1184
x-cache: RefreshHit from cloudfront
status: 200
vary: Accept-Encoding
content-length: 33
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 17:29:08 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: "8fc383f80e946aa25788e3f317ad0f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: https://www.crowdstrike.jp
expires: Wed, 26 Feb 2020 21:08:07 GMT
cache-control: public, max-age=3600
x-amz-version-id: 7Xx9lmkpmxGEbWQJlBWon_YLEIdzm7Xq
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 56b384e8486964cd-FRA
x-amz-cf-id: SJFnnDSmWbAihPUXb8TmMzJMLlsLP0gekdzCeu3jqpu6ToQFiugC-g==
cf-bgj: minify

GET
H2 200 retrieve-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 1002 B
723 B 44ms
30ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/retrieve-ctm-cookies.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0842bb0efb6d5b48d40db26395141d1c40420e7ee434ab16c93544be8a748583

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2022
cf-polished: origSize=1323
cf-ray: 56b384e8487464cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:30:53 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"9a2efd5c63e54ab6d819f7136498e761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 5JWbzscYJTAMs4cETYmWG5VdKRDAD9sB
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 010adCsHEIUbG9eTUvr95ZexzBRRvFEhBGAMmt-NpgXvxg48aq-O0Q==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 retrieve-utm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 956 B
727 B 28ms
14ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/retrieve-utm-cookies.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234131ad8717450135a236eaa12703f3c45adecede5483618bfe3e5822076fd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2022
cf-polished: origSize=1265
cf-ray: 56b384e8487564cd-FRA
x-cache: RefreshHit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 17:29:08 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"ac57e5b5af25529d0682cd716c58339c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: lORmbbMfa_K_4Bw2bx9K8XC6si9AtaJ_
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: g_EfePB7KjL6wuG4L1Z2Di0TjpwpFpcUVrpwxMbRdUqNmtYP5LwoAw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 set-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 980 B
653 B 72ms
35ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/set-ctm-cookies.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

864a06c631e8d4f42b39556ca18631c184a4c6bb2eee8da04bb3cc29b66b219d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3853
cf-polished: origSize=1156
cf-ray: 56b384e878a564cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:30:53 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"b97bd6711f7495752ffc3c0b4dbc3da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 83_4kmWywoK61I.1ffdjWVF1tdc6l3Fw
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: grtIV8JcF7KtJCUHbgk-3OuA0kyH1nCsLvLCh9pAZyOPelflty3HIQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 set-utm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ 936 B
657 B 186ms
150ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/set-utm-cookies.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85fa30d1465d9e61b36a2670cfd656a97ce2da2f9b47577a640a6f3f282bed03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2022
cf-polished: origSize=1055
cf-ray: 56b384e878a664cd-FRA
x-cache: Miss from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Oct 2019 17:29:08 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"7c429891d15c5cfa0947bceb6916815e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: qryEwteknlzKhcKVy5zMt91GwU3HWnTe
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: nWbuso94bQL8ZvoeoJ2UtrYDPD0YVrouTVbuNx0wB7Y3SoFNkrVNvg==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 cs_menu.js Show response
www.crowdstrike.com/resources/wp-content/themes/Total/js/ 4 KB
1 KB 83ms
48ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/js/cs_menu.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91fe79e8e8291b77812425be5ad6ef3cff7289c1456147682cac9d130a312555

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-polished: origSize=6423
cf-ray: 56b384e878a764cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:41 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"d71090df06795b53d0d99a1f13f90cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: uOlK6hfs0RDvcK6sermsnGpErLfREu8q
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: iCBg4Gk7X_ed4kwfuKymlBDKfCXc_c4Ah-GDBFhxR8SHuhuVVkaZ3A==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 js_composer_front.min.js Show response
www.crowdstrike.com/resources/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
6 KB 67ms
33ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.11.2.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-ray: 56b384e878a864cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:51 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"1b9a9d83b03c320fb2351c0713248761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: P7ff3gU6jH8aI8ib.4MImc4Un1ckfVnX
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: FIza4fCXGLk1VzlESBbBcSE3n1jj7nmx7M6KL4AXx8mwmDvUHlU-gQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 wp-embed.min.js Show response
www.crowdstrike.com/resources/wp-includes/js/ 1 KB
884 B 88ms
55ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-includes/js/wp-embed.min.js?ver=5.0.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-ray: 56b384e878aa64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:30:07 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"2dce40d16f9ff6332d3cbb7ae488a2b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 9sGfJXU_AY7zqabrOzIjD4RFM0FUCN7o
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: NmP1-LwyDEUdTbntFSiHxewIFFDZrak2L1wMqA8gvqVC9PXGKObXdA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 total-min.js Show response
www.crowdstrike.com/resources/wp-content/themes/Total/js/ 419 KB
88 KB 67ms
36ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/js/total-min.js?ver=3.4.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e546c215a222d7f9cc12b8a5de464cf3c1c9e8d7ba8672348dcd43dff50cf6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-ray: 56b384e878ae64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:42 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"2c062462066aac503a47cc03816fe5ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: qdVS8GeYo9lc8Mgq3r_IpBCxKP3Z0uP2
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: mmki8DX-uiF3SZtv9sB9qUiXDv5I75OFERA3Eq2bBIq5utjSN9GrNQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 comment-reply.min.js Show response
www.crowdstrike.com/resources/wp-includes/js/ 1 KB
759 B 67ms
39ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-includes/js/comment-reply.min.js?ver=5.0.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 777
cf-ray: 56b384e878af64cd-FRA
x-cache: RefreshHit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:30:01 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"56bc2726d829207bfa802f957aac0791"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: jZroj.zecxuimEyrusqGBAiN8UQLmCUh
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: kumJKqASYhXK-ERIJuHm9M_jo3UMTd_57RKVGiEF5VSxNt5vTtMGLA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.prettyPhoto.js Show response
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/js/ 21 KB
6 KB 100ms
74ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/js/jquery.prettyPhoto.js?ver=1.0.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f4af66c5a7c312cb258336e99e102e6f48345073d2a1c0b950a2bc78e6441c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=21506
cf-ray: 56b384e878b164cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:13 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"f81c3c778084503cad39095830c6b3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 0BcerU.QP_5tdNPuP3biWhZVnYUZbTXr
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: IuPoeJUxeGYlKg6mhoMbM45rBd-09LtOxNYJ_GqyrNgHkAxdQgMHgg==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 set_tracking.js Show response
www.crowdstrike.com/wp-content/custom_js/ 2 KB
1013 B 93ms
67ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/set_tracking.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7df7c5b102fc3ab3b3dc7197137945b12f937964749c556d48d6f4ea0014ee1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2022
cf-polished: origSize=2976
cf-ray: 56b384e878b264cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Feb 2020 16:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"820e833f80843799d824ce2d62acb3c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: x.J70ZQNqqt53bS9VcuGpUlWBMC9L6rX
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: RDWI_mu4zFkU8wr06w_cidOgEoWxDYYKMlMaHSjispInUGAja9hidQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.themepunch.essential.min.js Show response
www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/js/ 119 KB
24 KB 56ms
31ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.essential.min.js?ver=2.0.9.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad07f7e4c992a797ddae26a89b57b9addbb1d74ab42559858041ea1020786c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-ray: 56b384e878b364cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:49 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"bdd9e84359cfe363323c69f7856eddbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: _Ca.ZINA5_TvlgUy3iNsih8vM7gZYNuT
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: BrR5vRQSnbcoKTqRR0vcfp6XwOuFSgspGu1_7e9s01mM2EZk2YlMOg==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/js/ 99 KB
33 KB 61ms
37ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.0.9.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2173bda07583c48887c926e95bf4e5b0f6797d536c3af1975820d45bc479c76a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-ray: 56b384e878b664cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:49 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"112071ba5d19d0d1513b8d4b2ccb529a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: l8UVzkItL6IV6roo3wmOQbYLd8Za_jly
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: ctcrIvW2E8bdhqU-gmoVBNXxYuzRkRB9hjuXkrkN3uWuQX42qgza8Q==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 lightbox.js Show response
www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/js/ 29 KB
10 KB 56ms
33ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.0.9.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d913c307f0f12939c131e32b9dc888357273b385fb70b8ae8636a13a6d4ae70

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-polished: origSize=29678
cf-ray: 56b384e878b764cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:49 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"4372d88a0e50a15ee53585816856b278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: iQVaFOlRCbKO0XD_vTP8_NnL238YS0Vp
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: Y8VsbEe4XZQTHgM6Oq3PCFoVybR41pILuCFr7sze7Li1yU5GQ9JSLw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.js Show response
www.crowdstrike.com/resources/wp-includes/js/jquery/ 95 KB
33 KB 80ms
57ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5735
cf-polished: origSize=97184
cf-ray: 56b384e888b964cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:30:03 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"8610f03fe77640dee8c4cc924e060f12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: x6MjB572_pOb.uZTQkKbS3LildhqSTlF
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: OPLK14ku1WPIomhvsMAgnJloWhLAZ01sVdRFpyONpmatyyqLngUmdA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery-base.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/ 13 KB
3 KB 90ms
69ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/custom_js/jquery-base.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04951a5809e50a6a1c03f20560b6629fdf07e21ca2b0659cced8bde8df25813d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=22404
cf-ray: 56b384e888ba64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"c66de985f93f51fa09b2fe6c0e1fae76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: z71bmbOlVUlwQzDT_5IzajLCKtFsmu46
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: qNMf_QAXfIwxDntWsGRHAeUhHuRMxB0tXR_TSXfX785-ipVJly50EQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 lightslider.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 16 KB
5 KB 64ms
43ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/lightslider.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e888bb64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"50f50ebefe7e6c7fc39dc21b4d4e5242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: gaVNTIcPdpOi7VIuoYWpfBGRBDOzP5DA
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: FL5JCyIa-vwAbCqsDdIPSpl4yfkYoYhw8jV2y0KaZBOQNbHSLTQMrA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery-ui.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 248 KB
63 KB 77ms
59ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery-ui.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e888bc64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"0a497d4661df7b82feee14332ce0bdaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: _Hykq.Mz_81bCGqtYkIL.rXgk4sisza8
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: xow9nVdILrBxl6-7YPaeSAn7Z7oHOYDRJnC2IW-21h-hoypshmLZtA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.cj-swipe.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 1 KB
727 B 58ms
41ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery.cj-swipe.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc60fbd2fce82178fc7426f1e63aa07e81708b0cbe7a4501ffef4353815d44f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-polished: origSize=1813
cf-ray: 56b384e888bd64cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"4c293dbd0d52ae4afc229e17a6950bca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: h.6ZSZmALVpDsb0vDqF0T1TGKA0gcptK
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: zd6TjLyIsqDeXs6joS6B6yhhxHQ7g1POe_yuRQE9bAseviLIfXf_ZQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.easing.1.3.wrapped.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 7 KB
2 KB 72ms
56ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery.easing.1.3.wrapped.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0300012087dee57a051d6abd72c298d9acad1e42d1447f8aabbc7bf253f0dcc1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e888be64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"0a23f7ccb0433bd252a0769c91f0ebbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 99lYmtfuHOZcdxx9qxpM7CO5uEUR0iWd
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: hzumWPO194ZenuqS_29o-qqA7e_-XQNKhtuzPfu8Hlp7tXSQ06rVNw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.flip.min.js Show response
www.crowdstrike.com/resources/wp-content/custom_js/plugins/ 4 KB
2 KB 96ms
79ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/custom_js/plugins/jquery.flip.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acc0997fb73941bf769cca6ddc74aecf4dba4999bf00a0535da15559236d5b76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e888bf64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:26:44 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"754fcf29adc867efb4196d8cdd289656"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: kpAOkCbop3ilQcZAGs6CQZwSTmffiIAv
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: utWwCWJ3iZvykidlsz6wxWaDvGkbxaQ5gULRIPWpx3ZHQpF4epZ2Ww==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 07:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1934989
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 07:38:18 GMT

GET
H2 200 lightgreyglobebg.png
www.crowdstrike.com/wp-content/uploads/2018/11/ 19 KB
20 KB 79ms
79ms Image
image/png 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.crowdstrike.com/wp-content/uploads/2018/11/lightgreyglobebg.png

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18ec4b0d01e6b4cdd71bc71588dbb1f5c7e1a4fbba0b2ff47172554236101ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-header-footer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63828
cf-polished: pngoptimizer, origSize=24771
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
content-length: 19897
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 Jan 2020 15:35:30 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: "879696cde98851e22a1b0e32a2490bc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: https://www.crowdstrike.jp
expires: Thu, 25 Feb 2021 17:08:07 GMT
cache-control: public, max-age=3600
x-amz-version-id: LYVI5vbmSluV_oLaNKsTjc04q59jYTPf
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 56b384e898d364cd-FRA
x-amz-cf-id: VMvOC5LRLpBDtKZ-IZOPkAFCC3W2TNTL-UkOzEL4SwKURjPj4fYrGQ==
cf-bgj: imgq:85

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 17 KB
17 KB 122ms
74ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/karla-regular-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e9196364cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:29 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: m2o2KB0PX0msOhk7oMmdiFvBSCdAOja5
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: tG8BxuMIytUsLj6GDN1elY8Dk7RHJt1l50p_4tRk7ywhfHNR4GWyZg==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 fontawesome-webfont.woff2
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 65 KB
65 KB 85ms
37ms Font
binary/octet-stream 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
content-length: 66624
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:28 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: "db812d8a70a4e88e888744c1c9a27e89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: binary/octet-stream
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
x-amz-version-id: 41RhKCdCXpEBLyxIwVsXFMuPhTYcIyoo
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 56b384e9196464cd-FRA
x-amz-cf-id: G4gelw9aVv20tSB0BGibnmG6crlL7Fs-LTVFBBJZey-soQBUdHvzBw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 karla-bold-webfont.woff
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 18 KB
18 KB 130ms
84ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/karla-bold-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91c4ae88469b2db9f529556b7fad60a298f25d0e18dd36212bf58029fba67cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e9196564cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:28 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"904fee4ac5e8088210a4c906944c4c32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: rketTCYqP2K2NPalZVeSJvAvhMCjvjfA
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: 6rIQOtbylgydkBvV62lce02XJHOHyPx3ET_5tFE3VN9IpkGJ4Hi0PQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 crowdstrike.ttf
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 65 KB
39 KB 95ms
49ms Font
application/font-sfnt 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/crowdstrike.ttf?n9zbs9

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748bdf6d3bdc5e521d2d27f95cda8dd8b370ee48d950bb8594a897ff18d97799

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e9196764cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:28 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6998916b53d0356181123a825bb89569"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 3x4VKLtEhX2Ybd60qGnlhGkyIuNCLRaN
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-sfnt
x-amz-cf-id: RCefa5fJm6MQAlVzUOZgyaINEDAlkx9NWlD51KIqnmmTdJyYPkI05Q==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 Batman-Book.woff
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 21 KB
22 KB 128ms
82ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/Batman-Book.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ce7920df0659e5cd6b178128c1e4f9b59bef133bb36e18465f8be01a92b2b3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e9196864cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"8ea66788d9ca751c257467940883190b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: pjBPlcwMNHTt8riLfhsAWv67wQxM3CTA
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: VHJ0S_uyqElovRUUQDe5OtfttrVmHXtj14iwOnUrvjIwk6gQ12bRHg==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 Batman-Light.woff
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 22 KB
22 KB 89ms
43ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/Batman-Light.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0735e3827a3d7fe722b56733ca79c2bad9aca48c3a0d12c50617fcfdb09b61ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 3df1d6f6e1999cb29078ddff1a62bd1d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5736
cf-ray: 56b384e9196a64cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"ec5483510d888278a73ec600aced08cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: vpDsopayQJw9zpGaNoUMJg3IYy9..YO5
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: eJVvXjcctzZ19fAfzlv97CzlfO12rq1zohHWPwfDeE3eiAXQC7ndJw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 Batman-Medium.woff
www.crowdstrike.com/resources/wp-content/themes/Total/fonts/ 21 KB
21 KB 86ms
40ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/fonts/Batman-Medium.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05cc1bfb3722610c4335196f145cec3d981e53acaa84931f20c7d017bdf9fe47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/style.cs.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384e9196b64cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:27 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"920e3f36878b67508b816f6d87cb8955"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: _ijjWUG6j38zrEt6e8kmpU2unw.8SKwT
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: di85d0FLwn3RdNEaOt7sKfvwqxXg_wI7nOHNKL8n0d9FsKWFmmc9Og==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 crowdstrike.ttf
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/fonts/ 76 KB
44 KB 33ms
30ms Font
application/font-sfnt 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/fonts/crowdstrike.ttf?n9zbs9

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1cdc4fcc118cf2b8c7d8a426248105d2589ac734644639e2ad80bbf8b66ab2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384ea2a5364cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:12 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"d52f02b16228f3bcc3f464b974838145"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: Vg30Iv24lz2f2LydyMvqd.W7OE3cDM8X
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-sfnt
x-amz-cf-id: ZGM2I5Vl0D9DMdF28E1B61Hn9f9D0D4Ci1DfdX3BoaKZpoUJiVqA-A==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/fonts/ 17 KB
17 KB 28ms
27ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/fonts/karla-regular-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/cs/crowdstrike-fonts.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384ea2a5764cd-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:13 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: hWtHWSaC98xu_IGmccAxPH8KZKWYVy_l
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: F4OsRIWV6nBuMfjzj8t0x8515uu5X6kyNBTTM1EbmEEvICkn3nl3CQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/fonts/ 17 KB
17 KB 28ms
27ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/fonts/karla-regular-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/new-css/crowdstrike-fonts.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384ea9aeb64cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:24 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: BKVUWINW65K287hcYfU6F4LdwMeuNGk3
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: yVWtbX0fdtkpF4c_X_V8Rruralh_T8_TNG_NVpmyU1uzAMWXEqt-DA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 SmartForms.js Show response
sfc.leadspace.com/ Frame 1318 2 KB
3 KB 177ms
143ms Script
application/javascript 35.190.114.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sfc.leadspace.com/SmartForms.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.114.154 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 154.114.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4122248e62fb7060569b511c0e8e92442873b8994f15833bf2add304bd000add

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
age: 0
status: 200
x-guploader-uploadid: AEnB2UrDYgjXI-sGXgIYLtQvdIZ_56Lr_GgfY2AIPMoHuOxUmgBpgCQnQBztgAYMwhrKJVbyrc53PRhLKze7_Yh2OgWUbFH0OA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2423
last-modified: Wed, 26 Feb 2020 15:39:03 GMT
server: UploadServer
etag: "01d5549b18d8842e7200f85fbfc0f109"
x-goog-hash: crc32c=ohUekw==, md5=AdVUmxjYhC5yAPhfv8DxCQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1582731543925270
access-control-expose-headers: Content-Type
cache-control: public, max-age=45
x-goog-stored-content-length: 2423
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Feb 2020 17:08:52 GMT

GET
H2 200 english-datalayer.js Show response
www.crowdstrike.com/wp-content/custom_js/marketo-dataLayer/ Frame 1318 141 B
366 B 47ms
46ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/marketo-dataLayer/english-datalayer.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe3fe2ff12f2874356b7ade29b1f0eb26e1ef1fac52ed3dac8b3644b9cc3983

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3853
cf-polished: origSize=185
x-cache: Hit from cloudfront
status: 200
last-modified: Wed, 13 Nov 2019 20:30:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-type: application/javascript
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"4b795f31ec9b1bfcfbe0736627f8c55b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Cq.hK.lmVIJOMT2KhTxYG6XST2vGxyxt
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
cf-ray: 56b384eacb0964cd-FRA
x-amz-cf-id: tGjFIy3bMhjTEt53fkY8rEJJgq2iix8rorRo3TpmAmQuyPaAmJc6iw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 marketo-gdpr-msg.css
www.crowdstrike.com/wp-content/css/ Frame 1318 1 KB
728 B 19ms
17ms Stylesheet
text/css 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/css/marketo-gdpr-msg.css

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af290228fa19f3c6f0a919fd737783e00f37b2342fe3c548931836feb0d1114

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3853
cf-polished: origSize=1603
x-cache: Hit from cloudfront
status: 200
last-modified: Wed, 13 Nov 2019 20:30:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-type: text/css
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"b51c5aa50248df101a269968f063d77e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ATPSsKt76XI5HcTi_Y1ZeMnr5koXhKFJ
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
cf-ray: 56b384eacb0b64cd-FRA
x-amz-cf-id: bVxHiO92k-xlbYeZi69yl9VLQIkCjReShoC16ULasRLnf1orZsNDnw==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
code.jquery.com/ Frame 1318 95 KB
33 KB 21ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Origin: https://go.crowdstrike.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:18:54 GMT
Server: nginx
ETag: W/"573f46fe-17b8b"
Vary: Accept-Encoding
X-HW: 1582736887.dop109.fr8.shc,1582736887.dop109.fr8.t,1582736887.cds167.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33738

GET
H2 200 set_tracking_marketo.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame 1318 2 KB
983 B 26ms
25ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/set_tracking_marketo.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20aa5801e8d05166819a353fcef2c346ec1ef4fe11974759d93483a3ff98c0b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3853
cf-polished: origSize=2984
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 31 Jan 2020 16:45:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-type: application/javascript
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6dade04d20200d89446fca34b5771430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: FxvTBPPuGNYj5zy0nogKXeFXgEEBmarR
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
cf-ray: 56b384eadb2664cd-FRA
x-amz-cf-id: yZW2O0lD4-DSZduF0VaLW4ru4Yf6wqkLen_9qZsIa2EtVetZBaEpbA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 mktLPSupportCompat.css
go.crowdstrike.com/css/ Frame 1318 2 KB
817 B 25ms
24ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/css/mktLPSupportCompat.css

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6467
status: 200
content-length: 635
last-modified: Wed, 12 Feb 2020 19:42:41 GMT
server: cloudflare
etag: "142035-633-59e662ceaee40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 56b384eaed239bdf-AMS
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H/1.1 200
OK SmartForms.js Show response
d12ulf131zb0yj.cloudfront.net/ Frame 1318 2 KB
3 KB 78ms
8ms Script
binary/octet-stream 143.204.202.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12ulf131zb0yj.cloudfront.net/SmartForms.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-10.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b372d056d04ed4bd986c218c49207d678079907e3b062c945be3be35e7dbfba8

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 02:07:18 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Last-Modified: Tue, 18 Feb 2020 15:16:22 GMT
Server: AmazonS3
Age: 54050
ETag: "7592809aa20b41a06e33a6fc143b3196"
X-Cache: Hit from cloudfront
x-amz-version-id: CsErtEc66.CDE6YRN5yplgRdvvyn2vKZ
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 2240
X-Amz-Cf-Id: 5mC0wVdhGyrhOhUL-rPo9hm-V2xpI2EWdDzGAU3ExXhxiRllOlp95A==

GET
H2 200 forms2.min.js Show response
app-ab01.marketo.com/js/forms2/js/ Frame 1318 169 KB
58 KB 226ms
29ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4554
status: 200
strict-transport-security: max-age=63113904
last-modified: Wed, 12 Feb 2020 19:42:36 GMT
server: cloudflare
etag: "4411b3-2a546-59e662c9ea300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 56b384ec2ebb728d-AMS
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 1318 94 KB
33 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 07:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1934989
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 07:38:18 GMT

GET
H2 200 forms2.min.js Show response
go.crowdstrike.com/js/forms2/js/ Frame 1318 169 KB
57 KB 26ms
22ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/js/forms2.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 12 Feb 2020 19:42:36 GMT
server: cloudflare
age: 5900
etag: "141f2b-2a546-59e662c9ea300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 56b384eafd409bdf-AMS
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 1318 86 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 31 Jan 2020 00:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2306876
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 00:20:11 GMT

GET
H2 200 set-ctm-cookies.js Show response
www.crowdstrike.com/wp-content/custom_js/ Frame 1318 980 B
986 B 22ms
20ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/wp-content/custom_js/set-ctm-cookies.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

864a06c631e8d4f42b39556ca18631c184a4c6bb2eee8da04bb3cc29b66b219d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3853
cf-polished: origSize=1156
x-cache: Hit from cloudfront
status: 200
last-modified: Wed, 13 Nov 2019 20:30:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-type: application/javascript
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"b97bd6711f7495752ffc3c0b4dbc3da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 83_4kmWywoK61I.1ffdjWVF1tdc6l3Fw
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA6-C1
cf-ray: 56b384eaeb3c64cd-FRA
x-amz-cf-id: grtIV8JcF7KtJCUHbgk-3OuA0kyH1nCsLvLCh9pAZyOPelflty3HIQ==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// Frame 1318 1 KB
1 KB 35ms
14ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 924ce09c1b46893447425d2af30b82434d01fdcdcac8fd9d09d81a99144e579d

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Feb 2020 03:45:49 GMT
Server: Apache
ETag: "429cf8ee043fe9d0a142c6014f5731b4:1582256749"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 751

GET
H2 200 stripmkttok.js Show response
go.crowdstrike.com/js/ Frame 1318 2 KB
767 B 30ms
27ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/stripmkttok.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5899
status: 200
content-length: 678
last-modified: Wed, 12 Feb 2020 19:42:36 GMT
server: cloudflare
etag: "141fab-602-59e662c9ea300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 56b384eafd439bdf-AMS
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 karla-regular-webfont.woff
www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/fonts/ 17 KB
17 KB 31ms
31ms Font
application/font-woff 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/fonts/karla-regular-webfont.woff

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/wp-content/themes/Total/css/css_from_outside/crowdstrike-fonts.css
Origin: https://www.crowdstrike.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1247
cf-ray: 56b384ebcc2f64cd-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:23 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"6ba3f624ed3bcbb68733f25a95a6f5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: Kicu1jZKLV4ZPiDJ3D3a6eMDu0IOMz02
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/font-woff
x-amz-cf-id: A0Ie6MuRwriuBk9ihbfZkn_ZBHBn2MZBI22x9GJdtjhq6P6HHlkHbA==
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 143731.js Show response
sfc.leadspace.com/ Frame 1318 15 KB
15 KB 137ms
135ms Script
text/javascript 35.190.114.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sfc.leadspace.com/143731.js
Requested by: Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/SmartForms.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.114.154 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 154.114.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 023fef23e66850e671b5cec2e7a92f373e405be817f6bd3523cc6591e9ef1195

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
age: 0
status: 200
x-guploader-uploadid: AEnB2UrmWUn1aA8VDNa7uWuqR4vVkgM3qbUvhzmi4bU6Hx8S67WCE6X8C_GFeUPYOwxF0eFwdqdZ25m2HZFNMXh7z7cPynCWIw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 15493
last-modified: Tue, 04 Feb 2020 20:48:08 GMT
server: UploadServer
etag: "c0c293d5ade6322e7febbba0947d1937"
x-goog-hash: crc32c=/UMwwg==, md5=wMKT1a3mMi5/67uglH0ZNw==
x-goog-generation: 1580849288318517
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 15493
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 26 Feb 2020 18:08:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1318 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4556
date: Wed, 26 Feb 2020 15:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 26 Feb 2020 17:52:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1318 197 KB
45 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4TT8S

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e171657f17dce45d9a1cb4f2606ffc969ee8ec6d145d2b4d9c00fb0d52f5c22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 46100
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Feb 2020 17:08:07 GMT

GET
H2 200 check Show response
api.ipstack.com/ Frame 1318 298 B
651 B 401ms
374ms Script
application/json 2606:4700:20::681a:bc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ipstack.com/check?access_key=c4145bb60c6eaa1379ba0a6589da27de&legacy=1&callback=jQuery11240669505907258003_1582736887686&_=1582736887687

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69e82194bb8118fe285299582fac5d804816460abeb6ed1eae4e2360137e2a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-apilayer-transaction-id: 37e66009-b0bb-4f4a-895b-773cc42af6cf
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; Charset=UTF-8
status: 200
x-request-time: 0.027
cf-ray: 56b384ec4add980e-FRA

GET
H/1.1 200
OK rtp.js Show response
sjrtp-cdn.marketo.com/rtp-api/v1/ Frame 1318 148 KB
41 KB 369ms
179ms Script
application/x-javascript 95.100.75.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=crowdstrike

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.75.224 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-75-224.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

8e019a228a2ff09b81c6a615f950a0d116fe95ff7ea46d693d82ad0e8a7995b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Sat, 22 Feb 2020 01:56:56 GMT
Server: Jetty(7.3.1.v20110307)
Date: Wed, 26 Feb 2020 17:08:08 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=208
Connection: keep-alive
Content-Length: 41395

GET
H2 200 js Show response
www.google-analytics.com/gtm/ Frame 1318 73 KB
26 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-N8HXDD2&cid=1531803285.1582736888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d13feefe127254ad04bdd113f097528b6fc8db071226a0eca2d68f4315532a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 26760
x-xss-protection: 0
expires: Wed, 26 Feb 2020 17:08:07 GMT

GET
H2 200 forms2.css
go.crowdstrike.com/js/forms2/css/ Frame 1318 13 KB
3 KB 23ms
22ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/css/forms2.css

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5899
status: 200
vary: Accept-Encoding
content-length: 2610
last-modified: Wed, 12 Feb 2020 19:42:36 GMT
server: cloudflare
etag: "4602e5-33f8-59e662c9ea300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 56b384eccf999bdf-AMS
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H2 200 forms2-theme-plain.css
go.crowdstrike.com/js/forms2/css/ Frame 1318 828 B
332 B 25ms
24ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.crowdstrike.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5899
status: 200
vary: Accept-Encoding
content-length: 246
last-modified: Wed, 12 Feb 2020 19:42:36 GMT
server: cloudflare
etag: "4602e1-33c-59e662c9ea300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 56b384eccf9a9bdf-AMS
expires: Wed, 26 Feb 2020 21:08:07 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/157/ Frame 1318 9 KB
5 KB 9ms
8ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/157/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 640a401ef807204873f6f29f1825bf7400035432bdfd51361edc487d17099df0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Nov 2019 01:52:19 GMT
Server: Apache
ETag: "8b51a976b2f24b5c747cd9dff2d593ed:1572573139"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4265
Expires: Fri, 05 Jun 2020 17:08:07 GMT

GET
H2 200 hotjar-897373.js Show response
static.hotjar.com/c/ Frame 1318 8 KB
2 KB 104ms
103ms Script
application/javascript 147.75.32.125
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-897373.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4TT8S

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress14

Software

Resource Hash

b7e0506c8216aa451486ce62414245f8873f55c251fc8d2ffa4b906fa9a927e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/6270384403ae22d4d7082241c4390854
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.077
accept-ranges: bytes
section-io-id: a5f913e244e8724ea60fd143e2558a41
section-origin-responded: true

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 1318 23 KB
7 KB 65ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4TT8S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: 3EA3936924674C27851A39F3B2075936 Ref B: FRAEDGE0920 Ref C: 2020-02-26T17:08:07Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ Frame 1318 1 KB
1 KB 22ms
20ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 924ce09c1b46893447425d2af30b82434d01fdcdcac8fd9d09d81a99144e579d

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Feb 2020 03:45:49 GMT
Server: Apache
ETag: "429cf8ee043fe9d0a142c6014f5731b4:1582256749"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 751

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 1318 126 KB
30 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 1GO+uM54xtNxQGF2yCnwPxDbOtSelD0UH0CZUfulqLy6fjBuQ91gfVgnHHPfsKMakE3ZVoBwDZA/olaWqTqPdw==
x-fb-trip-id: 1850256238
date: Wed, 26 Feb 2020 17:08:07 GMT, Wed, 26 Feb 2020 17:08:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 1318 3 KB
2 KB 47ms
11ms Script
application/x-javascript 2a02:26f0:10c:382::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=8867
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 one-tag.js Show response
eu2.thunderhead.com/one/rt/js/ Frame 1318 67 B
218 B 155ms
40ms Script
text/plain 51.105.108.194
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu2.thunderhead.com/one/rt/js/one-tag.js?siteKey=ONE-C37IDRMAKO-6091

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.105.108.194 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6aa9a8ae49f33fec9c635e69129b0bcc3c7fbddff262f9729fd00fc5ed1e5458

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Wed, 26 Feb 2020 17:08:08 GMT
cache-control: private, no-transform, max-age=1200
x-one-req-metric: 1582736888009;0;146
strict-transport-security: max-age=15768000
content-type: text/plain

GET
H2 200 wHLWt565.min.js Show response
tag.demandbase.com/ Frame 1318 56 KB
15 KB 437ms
392ms Script
application/javascript 143.204.202.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/wHLWt565.min.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-73.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11af678793820cdd26042632ae9ec0ebe89b64cdacc4b3b8c5a101d0132e917c

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: D4GIM.iI9vJFRHJy_ZGgvkvliAczYpIW
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 17:43:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
date: Wed, 26 Feb 2020 17:08:09 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: 45uh67PdhT4cB7Darz-hvl-05G0oQPECPSmgPyMd3KiiDSagaquNzg==
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ Frame 1318 13 KB
6 KB 25ms
11ms Script
application/x-javascript 91.228.74.133
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26-Feb-2020 17:08:07 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Wed, 04 Mar 2020 17:08:07 GMT

GET
H/1.1

200
OK

/
attr.ml-api.io/ Frame 1318
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcrowdstrike.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcrowdstrike.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dcrowdstrike.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=crowdstrike.com&pId=505895833572884788

4 B
484 B

214ms
161ms

Image
image/jpeg

13.35.253.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=crowdstrike.com&pId=505895833572884788
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-41.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 17:08:08 GMT
Via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
x-amzn-RequestId: d2366aaf-704e-4f3b-90f6-dc3a7e1d283b
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
X-Amzn-Trace-Id: Root=1-5e56a5f8-4707d7c0490d8fc0893d6ce0;Sampled=0
Connection: keep-alive
x-amz-apigw-id: Ig7e2HZAoAMFmOQ=
Content-Length: 4
X-Amz-Cf-Id: eXpgVHYROrs8P1b3DHLVglM3wHimpklC_rKOkpBVtHl2ki92yvYHwg==

Redirect headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 17:08:10 GMT
AN-X-Request-Uuid: a2281643-4e45-4705-bb5c-f343d164ca43
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://attr.ml-api.io/?domain=crowdstrike.com&pId=505895833572884788
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 83.143.245.68; 83.143.245.68; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 name.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 1318 1 KB
1 KB 111ms
109ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/name.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c4daad866e19daf2e5089bf09a821ce5b21a2a88e6af402b5979837f3a32d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:07 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 22 Feb 2020 03:34:59 GMT
server: cloudflare
etag: "1a1d3c-508-59f21d2953065"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 56b384ed683d9bdf-AMS
content-length: 1288
expires: Wed, 26 Feb 2020 17:09:07 GMT

GET
H2 200 email.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 1318 1 KB
1 KB 124ms
122ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/email.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8801be0e66832c555176c8964efc290cd759eb25fcd9f0c7868971cdacdf538d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 22 Feb 2020 03:34:59 GMT
server: cloudflare
etag: "1a1d3d-4a7-59f21d2953835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 56b384ed88639bdf-AMS
content-length: 1191
expires: Wed, 26 Feb 2020 17:09:08 GMT

GET
H2 200 job.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 1318 1 KB
1 KB 112ms
110ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/job.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc97c1fc5bd6ce393ae8ac5ef9e03990e96b6181be6d4e267147d8a9e8c7aca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 22 Feb 2020 03:34:59 GMT
server: cloudflare
etag: "1a1d40-529-59f21d298f154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 56b384ed88659bdf-AMS
content-length: 1321
expires: Wed, 26 Feb 2020 17:09:08 GMT

GET
H2 200 phone.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 1318 1 KB
1 KB 148ms
141ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/phone.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be0e6080cb4849fd985b55c305c4fe7f81c123b0ca3e834feb905f5104e39c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 22 Feb 2020 03:34:59 GMT
server: cloudflare
etag: "1a1d3e-444-59f21d2956afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 56b384ed98769bdf-AMS
content-length: 1092
expires: Wed, 26 Feb 2020 17:09:08 GMT

GET
H2 200 company.png
go.crowdstrike.com/rs/281-OBQ-266/images/ Frame 1318 1 KB
1 KB 114ms
111ms Image
image/png 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.crowdstrike.com/rs/281-OBQ-266/images/company.png

Requested by

Host: app-ab01.marketo.com
URL: https://app-ab01.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

643fb5ad280920a70c2d372ac3448aaa2724fbddea2710b8eef4abc8b8b335e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 22 Feb 2020 03:34:59 GMT
server: cloudflare
etag: "1a1d3f-57c-59f21d2957a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 56b384ed98779bdf-AMS
content-length: 1404
expires: Wed, 26 Feb 2020 17:09:08 GMT

GET
H2 200 sf5.js Show response
sfc.leadspace.com/ Frame 1318 147 KB
148 KB 11ms
10ms Script
application/javascript 35.190.114.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sfc.leadspace.com/sf5.js
Requested by: Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/SmartForms.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.114.154 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 154.114.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 165206da91bbe74bdf79910e497952107af5d807d1c98eb9ba10935e9cb2c28c

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:07:50 GMT
age: 18
status: 200
x-guploader-uploadid: AEnB2Uq9O3HJudlDwGp6waVifgvTRzHn_Kn3L9sE9CdcZFbEWTNaOUvXMwMgjYYwuMkRJWsxv1pHZ07jLveUfXrqy5GcQfxht_GpsC7U-XqhnwoeHParOyw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 150921
last-modified: Wed, 26 Feb 2020 15:39:04 GMT
server: UploadServer
etag: "3b7b452047cd44bb3747a93d17f7bb5f"
x-goog-hash: crc32c=PWcS5Q==, md5=O3tFIEfNRLs3R6k9F/e7Xw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1582731544053169
access-control-expose-headers: Content-Type
cache-control: public, max-age=45
x-goog-stored-content-length: 150921
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Feb 2020 17:08:35 GMT

GET
H/1.1 200
OK visitWebPage Show response
281-obq-266.mktoresp.com/webevents/ Frame 1318 2 B
304 B 478ms
99ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://281-obq-266.mktoresp.com/webevents/visitWebPage?_mchNc=1582736888091&_mchCn=WC2019OverwatchReport_LPDownload21&_mchId=281-OBQ-266&_mchTk=_mch-crowdstrike.com-1582736888081-67820&_mchWs=j1RR&_mchHo=go.crowdstrike.com&_mchPo=&_mchRu=%2FWC2019OverwatchReport_LPDownload21.html&_mchPc=https%3A&_mchVr=157&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.crowdstrike.com%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/157/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: akka-http/10.1.10 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Origin: https://go.crowdstrike.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 26 Feb 2020 17:08:08 GMT
Content-Encoding: gzip
Server: akka-http/10.1.10
Transfer-Encoding: chunked
X-Request-Id: e23a371d-55ff-40a7-b451-26453606e7f5
Content-Type: text/plain; charset=UTF-8

GET
H2 204 0
bat.bing.com/action/ Frame 1318 0
147 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=12001672&Ver=2&mid=6222cd75-f11f-0050-9441-70d8cc5778a9&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.crowdstrike.com%2F&r=&lt=1029&evt=pageLoad&ifm=1&msclkid=N&rn=288462
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Wed, 26 Feb 2020 17:08:07 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: ACA21B5D161F4341A529902EA58B5B36 Ref B: FRAEDGE0920 Ref C: 2020-02-26T17:08:08Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e483a7fd5848d79df4ee.js Show response
script.hotjar.com/ Frame 1318 401 KB
70 KB 25ms
25ms Script
application/javascript 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.e483a7fd5848d79df4ee.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-897373.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash: 2403f23389dde6ee71fb73f3c9d49b8fb8820b14ff3e85b151da4c40c64a190a

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
content-encoding: br
content-type: application/javascript
age: 7072
status: 200
section-io-cache: Hit
content-length: 71408
last-modified: Wed, 26 Feb 2020 15:06:58 GMT
etag: "0299edc9d4e4473b8735b5a22c977e03"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.085
accept-ranges: bytes
section-io-id: ea805308d83a60f40ce6e86646250320
section-origin-responded: true

GET
H2

200

collect
px.ads.linkedin.com/ Frame 1318
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=64444&url=https%3A%2F%2Fwww.crowdstrike.com%2F&time=1582736888196
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D64444%26url%3Dhttps%253A%252F%252Fwww.crowdstrike.com%252F%26time%3D1582736888196...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=64444&url=https%3A%2F%2Fwww.crowdstrike.com%2F&time=1582736888196&liSync=true

0
56 B

109ms
109ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=64444&url=https%3A%2F%2Fwww.crowdstrike.com%2F&time=1582736888196&liSync=true
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: iIc7fdAC9xUw9sy0rioAAA==

Redirect headers

date: Wed, 26 Feb 2020 17:08:08 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: 8wlSdtAC9xXARz6MgisAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=64444&url=https%3A%2F%2Fwww.crowdstrike.com%2F&time=1582736888196&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rules-p-7ngths0Sqjbqv.js Show response
rules.quantcount.com/ Frame 1318 992 B
1 KB 369ms
365ms Script
application/x-javascript 2600:9000:2057:9c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7ngths0Sqjbqv.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c82c76acf040a1e1663b90c4e441671aa652530f77701d0f6f41cb58a7dda51

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:09 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
etag: "a1d751f2bc63270df23b0c98c89bffe1"
last-modified: Thu, 06 Feb 2020 22:04:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 992
x-amz-cf-id: YLqzmRMp7q6Kcch2C1usm6RuSdVNPW907Zd3Z15_rdCIQGGBm4UUkA==

GET
H2 200 1950083805267950 Show response
connect.facebook.net/signals/config/ Frame 1318 447 KB
112 KB 98ms
96ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1950083805267950?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8368e02cf9894bab2c89a30b94f3e848d99f637b58306cd8a72274918f7e7b9d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: xA5+wnC6q24x/ALBpxMD5TR9nOu0cguy8Nm3ZdpzgWQunl3EwrFJd9GV7XtYA5VXMlRWIbagQHwvQlXiN/MSUg==
x-fb-trip-id: 1850256238
date: Wed, 26 Feb 2020 17:08:08 GMT, Wed, 26 Feb 2020 17:08:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1318 783 B
485 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/sf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 17:08:08 GMT
server: ESF
date: Wed, 26 Feb 2020 17:08:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Feb 2020 17:08:08 GMT

OPTIONS
H2 200 match Show response
sfgw.leadspace.com/ip/ Frame 1318 0
465 B 371ms
119ms XHR
text/plain 35.223.187.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sfgw.leadspace.com/ip/match

Requested by

Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/sf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.223.187.167 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

167.187.223.35.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://go.crowdstrike.com
Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
x-content-type-options: nosniff
status: 200
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubdomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
server: istio-envoy
x-frame-options: SAMEORIGIN
access-control-max-age: 1800
access-control-allow-methods: POST
access-control-allow-origin: https://go.crowdstrike.com
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
x-content-security-policy: frame-ancestors 'none'

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4509 0
0 25ms
23ms Document
text/html 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-897373.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Response headers

status: 200
date: Wed, 26 Feb 2020 17:08:08 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.025
section-origin-responded: true
age: 2435509
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 9bedf915aec5e4404526b7e4a68c85fb

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ Frame 1318 430 B
934 B 84ms
60ms XHR
application/json 143.204.202.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=null&page=https%3A%2F%2Fwww.crowdstrike.com%2F&page_title=3rd%20Party%20iFrame&key=a3a149fc49fc9ddb1e4ba7d0de05db39&src=tag
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/wHLWt565.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.63 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-63.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 9781af3d5bfad1b731ec0f8bcd76d9b08231514b00dcf499da5261d4617790ef

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Origin: https://go.crowdstrike.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
request-id: 917d9982-2f8c-4801-b5ab-b55cff3a3ee0
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://go.crowdstrike.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZL_frFzZRytyB6vVhHlchHYfsO3aTkR4nWglyWxFcCQTrY3KRq_s8g==
expires: Tue, 25 Feb 2020 17:08:08 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/ Frame 1318
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAMq1068rUwAABd2Hbv3iA
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAMq1068rUwAABd2Hbv3iA&verifyHash=d96b15183e491518d9c5cf2c62fb8dd513def47e

26 B
409 B

100ms
100ms

Image
image/gif

143.204.202.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAMq1068rUwAABd2Hbv3iA&verifyHash=d96b15183e491518d9c5cf2c62fb8dd513def47e
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-115.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 17:08:08 GMT
Via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: ea96ffeb69402de2
X-Amz-Cf-Id: IbCZ91Vc5AvWt9GCbs8LEFKOgCzDWjZZzn2kGsNaaa6Dn6nArX_0ew==

Redirect headers

Date: Wed, 26 Feb 2020 17:08:08 GMT
Via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAMq1068rUwAABd2Hbv3iA&verifyHash=d96b15183e491518d9c5cf2c62fb8dd513def47e
Connection: keep-alive
trace-id: 3d5e5da87a6b66f7
Content-Length: 0
X-Amz-Cf-Id: IOiFhAO2CJN91_JxblVDcPSm9JIylySZFALUix_aeg2l_NY2Zn0uTg==

GET
H2 200 /
www.facebook.com/tr/ Frame 1318 44 B
254 B 16ms
16ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1950083805267950&ev=PageView&dl=https%3A%2F%2Fgo.crowdstrike.com%2FWC2019OverwatchReport_LPDownload21.html&rl=https%3A%2F%2Fwww.crowdstrike.com%2F&if=true&ts=1582736888443&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582736888442.1720685339&it=1582736888218&coo=false&rqm=GET

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT, Wed, 26 Feb 2020 17:08:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 26 Feb 2020 17:08:08 GMT

GET
H/1.1 200
OK pixel;r=102882207;labels=_fp.event.Homepage;rf=0;a=p-7ngths0Sqjbqv;url=https%3A%2F%2Fgo.crowdstrike.com%2FWC2019OverwatchReport_LPDownload21.html;ref=https%3A%2F%2Fwww.crowdstrike.com%2F;fpan=1;fpa...
pixel.quantserve.com/ Frame 1318 35 B
658 B 13ms
12ms Image
image/gif 91.228.74.169
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=102882207;labels=_fp.event.Homepage;rf=0;a=p-7ngths0Sqjbqv;url=https%3A%2F%2Fgo.crowdstrike.com%2FWC2019OverwatchReport_LPDownload21.html;ref=https%3A%2F%2Fwww.crowdstrike.com%2F;fpan=1;fpa=P0-725174423-1582736888579;ns=1;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1582736888579;tzo=-60;ogl=

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.169 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 17:08:08 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 match Show response
sfgw.leadspace.com/ip/ Frame 1318 138 B
250 B 144ms
144ms XHR
application/json 35.223.187.167
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sfgw.leadspace.com/ip/match

Requested by

Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.223.187.167 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

167.187.223.35.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

4af7d4203849f423ec32a305e8d8e05c4a34c6505270baae5267b6fa2ee1a1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Origin: https://go.crowdstrike.com
Authorization: 143731
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
referrer-policy: no-referrer
server: istio-envoy
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://go.crowdstrike.com
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
strict-transport-security: max-age=31536000; includeSubdomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Origin
x-content-type-options: nosniff
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 1318 34 KB
11 KB 32ms
12ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d468e0fa78d4289b15f6fe03d1a22f98203afce6e09d425a0c29441d431eb853

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Y8FvrmiUrb79ZxwHFnBxKc9Udz4XzaTU
Content-Encoding: gzip
x-amz-request-id: 6B33D6C7A9C0DA0A
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 17:08:08 GMT
Connection: keep-alive
Content-Length: 10739
x-amz-id-2: iqv6JPL9Z9R+29UIVEPsLMXFMum/FOBDEmcQEPBy+d9Ha4AaYTCI6L14mCK9xyiSlL4FZosRkqw=
Last-Modified: Wed, 19 Feb 2020 22:07:29 GMT
Server: AmazonS3
ETag: "c91ce4add98fc2605b9dfa3090440619"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 check Show response
api.ipstack.com/ 300 B
406 B 219ms
215ms Script
application/json 2606:4700:20::681a:bc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ipstack.com/check?access_key=c4145bb60c6eaa1379ba0a6589da27de&legacy=1&callback=jQuery1124010270713252200059_1582736888871&_=1582736888872

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baaab65ccebaa27033a644e4fd8b2e3be2a4392fbdc5020f6ff8013ed1eef2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-apilayer-transaction-id: 3b4d838d-c558-4f7b-bd6f-8664bef4e839
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; Charset=UTF-8
status: 200
x-request-time: 0.025
cf-ray: 56b384f38ae4980e-FRA

GET
H2 200 cse.js Show response
cse.google.com/ 11 KB
4 KB 65ms
35ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Requested by

Host: www.crowdstrike.com
URL: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

40647f80fe74a43adddbe5701aa29f7f0464830a30d05b8b1b95bfae426dbbeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3486
x-xss-protection: 0
expires: Wed, 26 Feb 2020 17:08:08 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 53 KB
14 KB 22ms
19ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/searchui/v3/?key=7737a29b854de71521b1cd72c4118cfc&i=

Requested by

Host: addsearch.com
URL: https://addsearch.com/js/?key=7737a29b854de71521b1cd72c4118cfc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c0cc59a6868744384bb4e1a7ec76fd8144d78743553e239c9cbaa1b3d3b9b181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/ Frame 1318
Redirect Chain

https://s.adroll.com/j/exp/5Q4Q33H4BRCRBAXODNJYP6/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

10ms
9ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: FcaZ9fQuufI0j2Jlie4e0Qn7iovsdj20
Content-Encoding: gzip
x-amz-request-id: 542B649F8C2045B8
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 17:08:09 GMT
Connection: keep-alive
Content-Length: 48
x-amz-id-2: DOsr0QsmEs8inv5xEbtEM99LkzZmxHReydDBEYgZgMrqXcmRtZRZrRkYhwMOKl9cQcRMfOeMSqY=
Last-Modified: Fri, 21 Feb 2020 18:14:11 GMT
Server: AmazonS3
ETag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 26 Feb 2020 17:08:09 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/ Frame 1318 0
773 B 41ms
14ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 5WY8z.ifru_UnLEqmrEf30lrJC0ant79
Content-Encoding: gzip
x-amz-request-id: EF9BD5AF24189609
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 17:08:08 GMT
Connection: keep-alive
Content-Length: 20
x-amz-id-2: 4sV0Qwf+wbrEyj1sG/2SXX2jhE4pYFsSgrSzbTiaNbEMmkYODUgvavS+5U4RNe6j2E8G3flrJoE=
Last-Modified: Wed, 26 Feb 2020 05:28:59 GMT
Server: AmazonS3
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6/ Frame 1318
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/5Q4Q33H4BRCRBAXODNJYP6?_s=1603f29ac9652f547d28bd1b12a5c267&_b=2
https://d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6/?_s=1603f29ac9652f547d28bd1b12a5c267&_b=2

115 B
583 B

39ms
32ms

Script
application/javascript

52.210.243.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6/?_s=1603f29ac9652f547d28bd1b12a5c267&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.243.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-243-243.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 9a39a748b4301cfbdcccd2bc67e3f2754ee19067e7b92cf7f43d81476bcd415d

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 115

Redirect headers

status: 302
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/5Q4Q33H4BRCRBAXODNJYP6/?_s=1603f29ac9652f547d28bd1b12a5c267&_b=2

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ Frame 1318 34 KB
11 KB 39ms
13ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: go.crowdstrike.com
URL: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d468e0fa78d4289b15f6fe03d1a22f98203afce6e09d425a0c29441d431eb853

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Y8FvrmiUrb79ZxwHFnBxKc9Udz4XzaTU
Content-Encoding: gzip
x-amz-request-id: 6B33D6C7A9C0DA0A
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 17:08:08 GMT
Connection: keep-alive
Content-Length: 10739
x-amz-id-2: iqv6JPL9Z9R+29UIVEPsLMXFMum/FOBDEmcQEPBy+d9Ha4AaYTCI6L14mCK9xyiSlL4FZosRkqw=
Last-Modified: Wed, 19 Feb 2020 22:07:29 GMT
Server: AmazonS3
ETag: "c91ce4add98fc2605b9dfa3090440619"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 1 KB
1011 B 16ms
15ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/js/?key=7737a29b854de71521b1cd72c4118cfc

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

50886488d3515d60717c6ae549978d0b5e017d896f0c93dfdb87e084e8e0d480

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive
Content-Length: 730

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 53 KB
14 KB 21ms
21ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/searchui/v3/?key=7737a29b854de71521b1cd72c4118cfc&i=

Requested by

Host: addsearch.com
URL: https://addsearch.com/js/?key=7737a29b854de71521b1cd72c4118cfc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

20046203a5705a0c4f0204d6982f5bd3e515158a0865c7e71d839d49e74261ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 17:08:08 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 jquery.prettyPhoto.js Show response
www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/js/ 21 KB
6 KB 29ms
28ms Script
application/javascript 2606:4700::6812:d8e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.crowdstrike.com/resources/wp-content/themes/CrowdStrike_Theme/js/jquery.prettyPhoto.js?ver=1.0.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d8e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f4af66c5a7c312cb258336e99e102e6f48345073d2a1c0b950a2bc78e6441c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.crowdstrike.com/resources/reports/observations-from-the-front-lines-of-threat-hunting-2019/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 17:08:08 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1248
cf-polished: origSize=21506
cf-ray: 56b384f3fcb164cd-FRA
x-cache: Hit from cloudfront
status: 200
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Nov 2019 20:27:13 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://crowdstrike.lookbookhq.com/
etag: W/"f81c3c778084503cad39095830c6b3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: 0BcerU.QP_5tdNPuP3biWhZVnYUZbTXr
access-control-allow-origin: https://www.crowdstrike.jp
cache-control: public, max-age=3600
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: IuPoeJUxeGYlKg6mhoMbM45rBd-09LtOxNYJ_GqyrNgHkAxdQgMHgg==
expires: Wed, 26 Feb 2020 21:08:08 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/8b2252448421acb3/ 257 KB
85 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8b2252448421acb3/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c39275000c1280f9cde808ebe731ec1924477305678759c1140ecaac49eba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 17:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 16:49:36 GMT
server: sffe
age: 171261
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86820
x-xss-protection: 0
expires: Tue, 23 Feb 2021 17:33:47 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/8b2252448421acb3/ 40 KB
9 KB 11ms
8ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8b2252448421acb3/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 23 Feb 2020 16:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 16:49:36 GMT
server: sffe
age: 262449
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9042
x-xss-protection: 0
expires: Mon, 22 Feb 2021 16:13:59 GMT

GET
H2 200 minimalist.css
www.google.com/cse/static/style/look/v3/ 13 KB
3 KB 21ms
18ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v3/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013138164481186672820:gn0-cvkk8ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5212bc7e582ed1d4213780eede8d52a3efb25abb444b7e07a5dcf5d3010812b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.crowdstrike.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 26 Feb 2020 16:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 May 2019 14:00:00 GMT
server: sffe
age: 1612
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3101
x-xss-protection: 0
expires: Wed, 26 Feb 2020 17:31:16 GMT

GET
H/1.1

200
OK

JK7SIYBXVFBL3G4JSDFST7.js Show response
s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/ Frame 1318
Redirect Chain

https://d.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&pv=53676361223.76773&cookie=&adroll_s_ref=https%3A//www.c...
https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js

5 KB
2 KB

27ms
27ms

Script
text/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f3a0236ba6be8d46534f1bbcd641b2560d6679dde65910d6f4c9d1ec431c960

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: gnbmIgRgCBDfQTWbQ.cGwJNF9_8cXyi6
Content-Encoding: gzip
x-amz-request-id: 0A5C98741D351F3B
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 17:08:09 GMT
Connection: keep-alive
Content-Length: 1750
x-amz-id-2: aFV8MGB7OLmoUh+kWayr5yYbS/MWYSIygljver9Lz8HkGAE8SHqRRHghLuWw5I7cv4qPKnlCyt8=
Last-Modified: Tue, 04 Feb 2020 01:55:41 GMT
Server: AmazonS3
ETag: "325ed9107f5c85ff06e9b2f85abd6a38"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Wed, 26 Feb 2020 17:08:09 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.16.1
x-rule: *
x-segment-eid: JK7SIYBXVFBL3G4JSDFST7
location: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: 3VD6P4Z5VVGIDCI2DJK7LT
x-segment-name: *
x-advertisable-eid: 5Q4Q33H4BRCRBAXODNJYP6
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ Frame 1318 9 KB
3 KB 24ms
21ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/5Q4Q33H4BRCRBAXODNJYP6/3VD6P4Z5VVGIDCI2DJK7LT/JK7SIYBXVFBL3G4JSDFST7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding: gzip
x-amz-request-id: D373BDDB893E575E
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Wed, 26 Feb 2020 17:08:09 GMT
Connection: keep-alive
Content-Length: 2039
x-amz-id-2: XqO1wRxhQLE4QFFRqtF9/83wFF4kohDuQitS60oDt2WfBKh8tJ7/oV8RacTG09xzkB1mcIYtrnQ=
Last-Modified: Mon, 03 Feb 2020 20:32:06 GMT
Server: AmazonS3
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 346813882393432 Show response
connect.facebook.net/signals/config/ Frame 1318 447 KB
113 KB 70ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/346813882393432?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de4f51233ce3da51eb2c02e5ba22ed859fd254c48e206eb29fa4920b509a2b2f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tKrki2FiyyH3FUTMzsK6t7BVAvB1o8vXHsODkzbVRkIil+6YzsIbyqq+x5dVNBXpPL3bxGp9VM7uEr0QiS5pxQ==
x-fb-trip-id: 1850256238
date: Wed, 26 Feb 2020 17:08:09 GMT, Wed, 26 Feb 2020 17:08:09 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55980/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://pixel.advertising.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP9012be0d-58ba-11ea-aafd-02...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP9012be0d-58ba-11ea-aafd-02...

0
977 B

12ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP9012be0d-58ba-11ea-aafd-02a17f3c404a&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.102 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 17:08:09 GMT
Server: ATS/7.1.2.102
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Wed, 26 Feb 2020 17:08:09 GMT
Server: ATS/7.1.2.102
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP9012be0d-58ba-11ea-aafd-02a17f3c404a&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expiration=1614272889
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expiration=1614272889&C=1

43 B
1003 B

16ms
15ms

Image
image/gif

23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expiration=1614272889&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 17:08:09 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 Feb 2020 17:08:09 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 17:08:09 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expiration=1614272889&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Wed, 26 Feb 2020 17:08:09 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expires=365

0
239 B

284ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&expires=365
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&rdrctExp=true

0
452 B

98ms
97ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId: 9c286f2965ba6aa43d5e1d1a07b2c0c6
Date: Wed, 26 Feb 2020 17:08:09 GMT
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&rdrctExp=true
Date: Wed, 26 Feb 2020 17:08:09 GMT
X-TraceId: 82abc6b5898e8bfa6f8b4152fd22413d
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
1010 B

72ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 17:08:09 GMT
X-lat: Pug23012:0:268
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

31ms
31ms

Image
image/gif

52.210.243.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.243.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-243-243.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

date: Wed, 26 Feb 2020 17:08:09 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status: 302
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

0
240 B

17ms
16ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 26 Feb 2020 17:08:09 GMT
via: 1.1 varnish
server: nginx
x-timer: S1582736889.318655,VS0,VE9
x-served-by: cache-hhn4024-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://eb2.3lift.com/xuid?mid=4714&xuid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

13ms
11ms

Image
image/gif

35.157.121.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.121.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-121-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 26 Feb 2020 17:08:09 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Wed, 26 Feb 2020 17:08:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://x.bidswitch.net/sync?dsp_id=44&user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

43 B
380 B

12ms
11ms

Image
image/gif

3.122.47.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.47.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-47-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 26 Feb 2020 17:08:09 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Wed, 26 Feb 2020 17:08:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://ib.adnxs.com/setuid?entity=172&code=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

43 B
1 KB

44ms
14ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 17:08:11 GMT
AN-X-Request-Uuid: c665f162-5934-4ea7-bc14-8891c551112f
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.143.245.68; 83.143.245.68; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.136:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
location: https://ib.adnxs.com/setuid?entity=172&code=NmFmNzM1ZjkxYWZhYzdkZWFkYWJiMzdmZGE3MTM5ODA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://idsync.rlcdn.com/377928.gif?partner_uid=6af735f91afac7deadabb37fda713980

0
40 B

125ms
115ms

Image
text/plain

35.190.72.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=6af735f91afac7deadabb37fda713980
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 26 Feb 2020 17:08:09 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
location: https://idsync.rlcdn.com/377928.gif?partner_uid=6af735f91afac7deadabb37fda713980
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6af735f91afac7deadabb37fda713980
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6af735f91afac7deadabb37fda713980

43 B
183 B

21ms
17ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6af735f91afac7deadabb37fda713980
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
via: 1.1 google
server: OXGW/16.176.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Wed, 26 Feb 2020 17:08:09 GMT
via: 1.1 google
server: OXGW/16.176.1
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6af735f91afac7deadabb37fda713980
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/ Frame 1318
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=a7c628371e6e80e230f6ff1f25ecefda-1582736889097&xid_ch=f&advertisable=5Q4Q33H4BRCRBAXODNJYP6&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=avc1-Rr6x96tq7N_2nE5gA
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=avc1-Rr6x96tq7N_2nE5gA&google_tc=
https://d.adroll.com/cm/g/in

42 B
537 B

36ms
32ms

Image
image/gif

52.210.243.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.243.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-243-243.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 17:08:09 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 1318 44 B
152 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=346813882393432&ev=PageView&dl=https%3A%2F%2Fgo.crowdstrike.com%2FWC2019OverwatchReport_LPDownload21.html&rl=https%3A%2F%2Fwww.crowdstrike.com%2F&if=true&ts=1582736889290&cd[segment_eid]=JK7SIYBXVFBL3G4JSDFST7&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=29&fbp=fb.1.1582736888442.1720685339&it=1582736888218&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:09 GMT, Wed, 26 Feb 2020 17:08:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 26 Feb 2020 17:08:09 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 1318 44 B
106 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1950083805267950&ev=Microdata&dl=https%3A%2F%2Fgo.crowdstrike.com%2FWC2019OverwatchReport_LPDownload21.html&rl=https%3A%2F%2Fwww.crowdstrike.com%2F&if=true&ts=1582736889957&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582736888442.1720685339&it=1582736888218&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.crowdstrike.com/WC2019OverwatchReport_LPDownload21.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 17:08:09 GMT, Wed, 26 Feb 2020 17:08:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 26 Feb 2020 17:08:09 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.crowdstrike.com/	1970-01-19 16:24:54	Name: __adroll_fpc Value: a7c628371e6e80e230f6ff1f25ecefda-1582736889097
.crowdstrike.com/	1970-01-19 07:40:23	Name: _gid Value: GA1.2.2127672594.1582736888
go.crowdstrike.com/	1969-12-31 23:59:59	Name: BIGipServerab01web-nginx-app_https Value: !ejkq3drgmFU8UB1ybf/nLIVwOTHiDpe91FisggldcAGNfDNa0zP3ejJ/Gf9uZothfUHL4uo/MPHEYgo=
.crowdstrike.com/	1970-01-20 01:10:08	Name: _ga Value: GA1.2.1531803285.1582736888
.crowdstrike.com/	1970-01-19 09:48:32	Name: _fbp Value: fb.1.1582736888442.1720685339
.crowdstrike.com/	1970-01-19 16:11:35	Name: _hjid Value: 9e348894-0179-41cd-bab9-9d529c3a32b7
.go.crowdstrike.com/	1970-01-19 07:38:58	Name: __cf_bm Value: 53fe6065b8b5c2df34888ab5dc2645bd3ff28ef1-1582736887-1800-AcuNFz+xgk2D+zjE6UHbxgTyRg59uuxQ87ZC5u7dU7u6L2UQ02N7i9G5RTP0bRUq/uqxUlaeOUv7i8v4WcutpVY=
.crowdstrike.com/	1970-01-19 17:03:25	Name: __qca Value: P0-725174423-1582736888579
.go.crowdstrike.com/	1970-01-19 16:24:32	Name: __ar_v4 Value:
.crowdstrike.com/	1970-01-20 01:10:08	Name: _mkto_trk Value: id:281-OBQ-266&token:_mch-crowdstrike.com-1582736888081-67820
.crowdstrike.com/	1978-01-11 21:31:40	Name: _gaClientData Value: %7B%22counters%22%3A%7B%22AllFalconProducts%22%3A0%2C%22FalconPro%22%3A0%2C%22FalconEnterprise%22%3A0%2C%22FalconPremium%22%3A0%2C%22FalconComplete%22%3A0%2C%22FalconPrevent%22%3A0%2C%22FalconX%22%3A0%2C%22FalconInsight%22%3A0%2C%22FalconDeviceControl%22%3A0%2C%22FalconOverwatch%22%3A0%2C%22FalconDiscover%22%3A0%2C%22FalconSpotlight%22%3A0%2C%22FalconForMobile%22%3A0%2C%22FalconSearchEngine%22%3A0%2C%22FalconSandbox%22%3A0%2C%22FalconOnGovcloud%22%3A0%2C%22FalconForDataCenters%22%3A0%2C%22AllServices%22%3A0%2C%22IncidentResponse%22%3A0%2C%22ProactiveServices%22%3A0%2C%22ExperiencedBreach%22%3A0%2C%22Blog%22%3A0%2C%22AllResources%22%3A0%2C%22CaseStudies%22%3A0%2C%22DataSheets%22%3A0%2C%22Reports%22%3A0%2C%22CrowdCasts%22%3A0%2C%22FreeTools%22%3A0%2C%22Videos%22%3A0%2C%22WhitePapers%22%3A0%2C%22TechCenter%22%3A0%2C%22AllPages%22%3A1%7D%7D
.crowdstrike.com/	1970-01-19 08:22:08	Name: __cfduid Value: d0eb649afbf8fef2fb43bd0313909ec231582736886

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/157/munchkin.js(Line 19) Message: Munchkin.init("%s") options: 281-OBQ-266 [object Object]
console-api	log	URL: https://sfc.leadspace.com/sf5.js(Line 8) Message: [object Location]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://crowdstrike.lookbookhq.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

281-obq-266.mktoresp.com
addsearch.com
ads.yahoo.com
ajax.cloudflare.com
ajax.googleapis.com
api.company-target.com
api.ipstack.com
app-ab01.marketo.com
attr.ml-api.io
bat.bing.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
cse.google.com
d.adroll.com
d.adroll.mgr.consensu.org
d12ulf131zb0yj.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu2.thunderhead.com
fonts.googleapis.com
go.crowdstrike.com
ib.adnxs.com
idsync.rlcdn.com
match.prod.bidr.io
munchkin.marketo.net
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
px.ads.linkedin.com
rules.quantcount.com
s.adroll.com
s.ml-attr.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
segments.company-target.com
sfc.leadspace.com
sfgw.leadspace.com
simage2.pubmatic.com
sjrtp-cdn.marketo.com
snap.licdn.com
static.hotjar.com
sync.outbrain.com
tag.demandbase.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.crowdstrike.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.16.93.80
104.17.70.206
13.35.253.41
143.204.202.10
143.204.202.115
143.204.202.63
143.204.202.73
147.75.100.245
147.75.32.125
147.75.32.99
151.101.114.2
172.217.23.98
18.156.0.31
185.33.220.145
185.33.223.216
185.64.190.80
192.28.144.124
2001:4de0:ac19::1:b:1b
23.210.248.216
23.210.249.164
2600:9000:2057:9c00:6:44e3:f8c0:93a1
2606:4700:20::681a:bc2
2606:4700::6811:4004
2606:4700::6812:d8e1
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:815::200a
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2008
2a02:26f0:10c:382::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
3.122.47.160
3.123.244.246
34.95.120.147
35.157.121.171
35.190.114.154
35.190.72.21
35.223.187.167
51.105.108.194
52.166.11.26
52.210.243.243
52.215.1.63
68.67.153.60
69.173.144.139
70.42.32.127
91.228.74.133
91.228.74.169
95.100.75.224
95.101.176.176
023fef23e66850e671b5cec2e7a92f373e405be817f6bd3523cc6591e9ef1195
02c39275000c1280f9cde808ebe731ec1924477305678759c1140ecaac49eba0
0300012087dee57a051d6abd72c298d9acad1e42d1447f8aabbc7bf253f0dcc1
04951a5809e50a6a1c03f20560b6629fdf07e21ca2b0659cced8bde8df25813d
05cc1bfb3722610c4335196f145cec3d981e53acaa84931f20c7d017bdf9fe47
0735e3827a3d7fe722b56733ca79c2bad9aca48c3a0d12c50617fcfdb09b61ee
0842bb0efb6d5b48d40db26395141d1c40420e7ee434ab16c93544be8a748583
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d913c307f0f12939c131e32b9dc888357273b385fb70b8ae8636a13a6d4ae70
0fe3fe2ff12f2874356b7ade29b1f0eb26e1ef1fac52ed3dac8b3644b9cc3983
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10da1f5628d7937bdc03d586f6696982014673a7cccfb9af904eaec424ceddc4
11af678793820cdd26042632ae9ec0ebe89b64cdacc4b3b8c5a101d0132e917c
11f4af66c5a7c312cb258336e99e102e6f48345073d2a1c0b950a2bc78e6441c
129b362d6e4cf43a5ada8cb4a40f7706b7950cf9601b89c15021c81cea919112
165206da91bbe74bdf79910e497952107af5d807d1c98eb9ba10935e9cb2c28c
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
188db31839e8c1251d3020ed80245f15a422fdc60e8621fb7e921f4a7b2697df
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1eb8b0b461886b58a6d7a704ffc72912c4268363deecd5c963ed266c0fd709fd
20046203a5705a0c4f0204d6982f5bd3e515158a0865c7e71d839d49e74261ea
20aa5801e8d05166819a353fcef2c346ec1ef4fe11974759d93483a3ff98c0b4
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2173bda07583c48887c926e95bf4e5b0f6797d536c3af1975820d45bc479c76a
234131ad8717450135a236eaa12703f3c45adecede5483618bfe3e5822076fd0
2403f23389dde6ee71fb73f3c9d49b8fb8820b14ff3e85b151da4c40c64a190a
26795b25e5aa9e2588329fa0ea08c2e8aa6eb5f742f49c55238509a26a5a3cad
2f3a0236ba6be8d46534f1bbcd641b2560d6679dde65910d6f4c9d1ec431c960
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
3b6b47fc2e4648d1f3173437faf2065ecd7cc89142d338151bf0b0c2404b5005
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c23f34ab5dd833e83e48b13735ec1e9c7488e9167ce21f5684ceb8a96fad92f
3c82c76acf040a1e1663b90c4e441671aa652530f77701d0f6f41cb58a7dda51
40647f80fe74a43adddbe5701aa29f7f0464830a30d05b8b1b95bfae426dbbeb
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
4122248e62fb7060569b511c0e8e92442873b8994f15833bf2add304bd000add
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
426b5498cc22156b7811afcb3dd5770db20bb1ee0fa67985200283db1f5d508e
45001bba1f50c74d6fb27cce10d815c9d30e13b6418af474e1758d2cb0ecdd58
480ee4ac7b19db2474aa0bdf40695264dd231ac2432ad9fa03daa4daacca2a21
4af7d4203849f423ec32a305e8d8e05c4a34c6505270baae5267b6fa2ee1a1f2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50886488d3515d60717c6ae549978d0b5e017d896f0c93dfdb87e084e8e0d480
5212bc7e582ed1d4213780eede8d52a3efb25abb444b7e07a5dcf5d3010812b2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
584d9561cae38e4b99fdf6bc3911eaf789d12e7b39021930d977258663ae6a46
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e546c215a222d7f9cc12b8a5de464cf3c1c9e8d7ba8672348dcd43dff50cf6e
640a401ef807204873f6f29f1825bf7400035432bdfd51361edc487d17099df0
643fb5ad280920a70c2d372ac3448aaa2724fbddea2710b8eef4abc8b8b335e2
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69e82194bb8118fe285299582fac5d804816460abeb6ed1eae4e2360137e2a4b
6aa9a8ae49f33fec9c635e69129b0bcc3c7fbddff262f9729fd00fc5ed1e5458
6acfe3a6177be6a218fdf1798e59451d115fb0ce82e89eb1b3688f3e61654360
6af290228fa19f3c6f0a919fd737783e00f37b2342fe3c548931836feb0d1114
748bdf6d3bdc5e521d2d27f95cda8dd8b370ee48d950bb8594a897ff18d97799
7ad07f7e4c992a797ddae26a89b57b9addbb1d74ab42559858041ea1020786c2
7c4daad866e19daf2e5089bf09a821ce5b21a2a88e6af402b5979837f3a32d8b
7d13feefe127254ad04bdd113f097528b6fc8db071226a0eca2d68f4315532a1
8194edd0b1baf83858f7dacd0206f65f2b6f3a10a6edef4ae58cc25e94727d8e
8368e02cf9894bab2c89a30b94f3e848d99f637b58306cd8a72274918f7e7b9d
85fa30d1465d9e61b36a2670cfd656a97ce2da2f9b47577a640a6f3f282bed03
864a06c631e8d4f42b39556ca18631c184a4c6bb2eee8da04bb3cc29b66b219d
8801be0e66832c555176c8964efc290cd759eb25fcd9f0c7868971cdacdf538d
892eace985d75c841e262f90367bbbda5ae2c20a686bf34457993b45d8bc86a6
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
8ba64d5d6befa797adc2b067a3d18264000514632fe26b538e41ac53b1427ef1
8ce7920df0659e5cd6b178128c1e4f9b59bef133bb36e18465f8be01a92b2b3a
8cfcd969a692602c4acd1285a22163938bea53181ed737341ab036719ce0005c
8e019a228a2ff09b81c6a615f950a0d116fe95ff7ea46d693d82ad0e8a7995b5
91fe79e8e8291b77812425be5ad6ef3cff7289c1456147682cac9d130a312555
924ce09c1b46893447425d2af30b82434d01fdcdcac8fd9d09d81a99144e579d
9393dfa11f9bf5556a437e9a2c159ee1e5d4d5f0c86a3d1f1528f5be8bb00a69
95a91e047817247386ced0e355c8870ddad9ed1190c6cf8492155d0d172b3cac
95b980b2ef3a93bdab65089dfabc183007988095794e319ddf99498952a25068
9781af3d5bfad1b731ec0f8bcd76d9b08231514b00dcf499da5261d4617790ef
9a39a748b4301cfbdcccd2bc67e3f2754ee19067e7b92cf7f43d81476bcd415d
9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a
9e172a52cfd5eb5fa71a0ad9c932589cca2ef24e74996f064773d01558bc02d7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7df7c5b102fc3ab3b3dc7197137945b12f937964749c556d48d6f4ea0014ee1
aa894ab4d5209637ebd77769058ab928b31a157a6e0934a396f4ed47d16aee4e
acc0997fb73941bf769cca6ddc74aecf4dba4999bf00a0535da15559236d5b76
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b372d056d04ed4bd986c218c49207d678079907e3b062c945be3be35e7dbfba8
b7e0506c8216aa451486ce62414245f8873f55c251fc8d2ffa4b906fa9a927e2
baaab65ccebaa27033a644e4fd8b2e3be2a4392fbdc5020f6ff8013ed1eef2ad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be0e6080cb4849fd985b55c305c4fe7f81c123b0ca3e834feb905f5104e39c5f
c0cc59a6868744384bb4e1a7ec76fd8144d78743553e239c9cbaa1b3d3b9b181
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
cc97c1fc5bd6ce393ae8ac5ef9e03990e96b6181be6d4e267147d8a9e8c7aca7
d1cdc4fcc118cf2b8c7d8a426248105d2589ac734644639e2ad80bbf8b66ab2c
d468e0fa78d4289b15f6fe03d1a22f98203afce6e09d425a0c29441d431eb853
de4f51233ce3da51eb2c02e5ba22ed859fd254c48e206eb29fa4920b509a2b2f
de6770bee347164c17e9c7d5ee2aa2243e58c7ef6112424aa0dc75aaedc3d7ef
e171657f17dce45d9a1cb4f2606ffc969ee8ec6d145d2b4d9c00fb0d52f5c22c
e18ec4b0d01e6b4cdd71bc71588dbb1f5c7e1a4fbba0b2ff47172554236101ae
e35c5b75710940a4c35bef615dcf18fe3d12ead0a69208bb4858c17ac4fd39c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
e91c4ae88469b2db9f529556b7fad60a298f25d0e18dd36212bf58029fba67cf
e98db8f0cd60d4ee378438d39ef0c7e735f2c2c4f638f8e4842564927602e304
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f073dc1cb254257b70f1b55095169fff06c80db72ae13378d8c93948758c7b46
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f77f6968e6f1b1fed1b4c703fea51a7c5666baf2c469a62b1b953cf0bf75d569
f8975089ce6594c29c7ce3b0f8083ae80c9ca03c96fa3c7e4f70e427fa427a07
fc60fbd2fce82178fc7426f1e63aa07e81708b0cbe7a4501ffef4353815d44f7
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.crowdstrike.com Open in urlscan Pro 2606:4700::6812:d8e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

148 Requests

100 %HTTPS

33 %IPv6

43 Domains

56 Subdomains

49 IPs

7 Countries

1965 kBTransfer

6625 kBSize

12 Cookies

17 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.crowdstrike.com Open in urlscan Pro
2606:4700::6812:d8e1 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

100 %
HTTPS

33 %
IPv6

43
Domains

56
Subdomains

49
IPs

7
Countries

1965 kB
Transfer

6625 kB
Size

12
Cookies

148 HTTP transactions
1 data transactions