go.chronicle.security Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1p...
Effective URL:
https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6s...
Submission: On September 22 via manual (September 22nd 2021, 12:29:03 pm UTC) from ES — Scanned from DE

Summary HTTP 29 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 29 HTTP transactions. The main IP is 2606:2c40::c73c:67e4, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is go.chronicle.security.
TLS certificate: Issued by GTS CA 1D4 on August 30th 2021. Valid for: 3 months.

This is the only time go.chronicle.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1f69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:2c40::c7... 2606:2c40::c73c:67e4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	10

2 2606:4700::6812:1f69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cjjy104.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2c40::c73c:67e4 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.chronicle.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	chronicle.security go.chronicle.security	257 KB
5	hubspot.com app.hubspot.com forms.hubspot.com track.hubspot.com	3 KB
3	hs-banner.com js.hs-banner.com	16 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	hubspotlinks.com 1 redirects cjjy104.na1.hubspotlinks.com	3 KB
1	hsforms.com forms.hsforms.com	519 B
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	hubspot.net cdn2.hubspot.net	2 KB
29	10

	Domain	Requested by
13	go.chronicle.security	cjjy104.na1.hubspotlinks.com go.chronicle.security js.usemessages.com
3	track.hubspot.com
3	js.hs-banner.com	go.chronicle.security js.hs-banner.com
2	fonts.googleapis.com	go.chronicle.security
2	cjjy104.na1.hubspotlinks.com	1 redirects
1	forms.hsforms.com	go.chronicle.security
1	forms.hubspot.com	js.hscollectedforms.net
1	js.hscollectedforms.net	go.chronicle.security
1	js.hs-analytics.net	go.chronicle.security
1	js.usemessages.com	go.chronicle.security
1	app.hubspot.com	go.chronicle.security
1	cdn2.hubspot.net	go.chronicle.security
29	12

This site contains links to these domains. Also see Links.

Domain
policies.google.com
www.chronicle.security
chronicle.security

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
go.chronicle.security GTS CA 1D4	`2021-08-30` - `2021-11-28`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Frame ID: D8040A1258B18B1400E53ED1C8D78D1F
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Hunting and Detection Virtual Workshop

Page URL History Show full URLs

https://cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7... Page URL
https://cjjy104.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5... HTTP 307
https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsen... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

350 kB
Transfer

1163 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Google Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.chronicle.security/

Search URL Search Domain Scan URL

URL: https://chronicle.security/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://chronicle.security/legal/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5c9l0gzQW1frfc24c_VGQW7jr9Jg5W6TxNW1JNWQX1bkmp_W5gVp4v3cyC7KVG8zH16j5WjLW1bmy2P4THn3NW1_y3Qy7fgG3GW6Sm3gv6TBrzBW98XnKV8-Q7QxVZDCF023tJXGW8nZNM38n0Qh7W8NJlFL8WkwwXW3xdG8r5ZzwCMW5V67P36l-zwDVrjb8z4GMlx93nWP1 Page URL
https://cjjy104.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5c9l0gzQW1frfc24c_VGQW7jr9Jg5W6TxNW1JNWQX1bkmp_W5gVp4v3cyC7KVG8zH16j5WjLW1bmy2P4THn3NW1_y3Qy7fgG3GW6Sm3gv6TBrzBW98XnKV8-Q7QxVZDCF023tJXGW8nZNM38n0Qh7W8NJlFL8WkwwXW3xdG8r5ZzwCMW5V67P36l-zwDVrjb8z4GMlx93nWP1?_ud=f8944060-5f4a-47d4-b9af-36ea568cf851&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5... Show response
cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/ 9 KB
3 KB 433ms
389ms Document
text/html 2606:4700::6812:1f69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5c9l0gzQW1frfc24c_VGQW7jr9Jg5W6TxNW1JNWQX1bkmp_W5gVp4v3cyC7KVG8zH16j5WjLW1bmy2P4THn3NW1_y3Qy7fgG3GW6Sm3gv6TBrzBW98XnKV8-Q7QxVZDCF023tJXGW8nZNM38n0Qh7W8NJlFL8WkwwXW3xdG8r5ZzwCMW5V67P36l-zwDVrjb8z4GMlx93nWP1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d81720bea8d3a39122e320fd2193ebd2b93b0df3ebebe9e0bb6e2468e2f0f3e

Request headers

:method: GET
:authority: cjjy104.na1.hubspotlinks.com
:scheme: https
:path: /Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5c9l0gzQW1frfc24c_VGQW7jr9Jg5W6TxNW1JNWQX1bkmp_W5gVp4v3cyC7KVG8zH16j5WjLW1bmy2P4THn3NW1_y3Qy7fgG3GW6Sm3gv6TBrzBW98XnKV8-Q7QxVZDCF023tJXGW8nZNM38n0Qh7W8NJlFL8WkwwXW3xdG8r5ZzwCMW5V67P36l-zwDVrjb8z4GMlx93nWP1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: 647bb2e9-09c9-48ba-8bef-5cd6d3202669
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 692b89368f0063bf-FRA
content-encoding: br

GET
H2

200

Primary Request threat-hunting-and-detection-workshop Show response
go.chronicle.security/
Redirect Chain

https://cjjy104.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlq...
https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgo...

28 KB
8 KB

126ms
35ms

Document
text/html

2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email

Requested by

Host: cjjy104.na1.hubspotlinks.com
URL: https://cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5c9l0gzQW1frfc24c_VGQW7jr9Jg5W6TxNW1JNWQX1bkmp_W5gVp4v3cyC7KVG8zH16j5WjLW1bmy2P4THn3NW1_y3Qy7fgG3GW6Sm3gv6TBrzBW98XnKV8-Q7QxVZDCF023tJXGW8nZNM38n0Qh7W8NJlFL8WkwwXW3xdG8r5ZzwCMW5V67P36l-zwDVrjb8z4GMlx93nWP1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

d54b5614ad34a45accdf60e48627b786317e2287f91befd503035e37505ca076

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: go.chronicle.security
:scheme: https
:path: /threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cjjy104.na1.hubspotlinks.com/Btc/WY+113/cjjy104/VVzrk72mj1XyW8s-npV7W_xBgW5LNP254xNd1gN1CRs-53lScmV1-WJV7CgC30N643cLvzbKLtW1pVv8g7j_bVMW4MxNjs44kNTMW1bYfLR1dlqTDW3K1yjK6Jncw5W8KT8jT4w6JYpW26r2Sd9ff-5SW6KVg4d8W3ynFW7SvtJM7XXR2qW4DnCpF1Zn4fxW7nzq5c9l0gzQW1frfc24c_VGQW7jr9Jg5W6TxNW1JNWQX1bkmp_W5gVp4v3cyC7KVG8zH16j5WjLW1bmy2P4THn3NW1_y3Qy7fgG3GW6Sm3gv6TBrzBW98XnKV8-Q7QxVZDCF023tJXGW8nZNM38n0Qh7W8NJlFL8WkwwXW3xdG8r5ZzwCMW5V67P36l-zwDVrjb8z4GMlx93nWP1

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"884ae5231b3ce1ceca6f3b58f2d22ca9"
last-modified: Fri, 17 Sep 2021 22:56:07 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
cache-tag: CT-54488895316,P-2567647,L-31443128356,CW-5736688541,CW-5736839117,CW-5736848326,CW-5737580814,CW-5738163906,E-31299782834,PGS-ALL,SW-4
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-54488895316,P-2567647,L-31443128356,CW-5736688541,CW-5736839117,CW-5736848326,CW-5737580814,CW-5738163906,E-31299782834,PGS-ALL,SW-4
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cf-cache-status: HIT
x-hs-combine-css: Disabled
x-hs-content-id: 54488895316
x-hs-hub-id: 2567647
x-hs-prerendered: Fri, 17 Sep 2021 22:56:07 GMT
x-powered-by: HubSpot
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd6Xl%2B9hnNOh9EYWGZbQnxFGT6f6gvQ7dKCK0Qvw11VV4L%2FNgiCcZiwEz%2B7nVFbk4gFaTxW97dW6OYegop4p%2F1O0Ru2uGebw8UkCvKlrinDn55IeUNFiQiruT%2BZZ3N3NSoGdh0mN8KAHoQ3KymAnlVq9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737; path=/; domain=.go.chronicle.security; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 692b893caafb5363-FRA
content-encoding: br
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>,</_hcms/forms/v2.js>

Redirect headers

date: Wed, 22 Sep 2021 12:28:57 GMT
x-robots-tag: none
link: <https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email>; rel="canonical"
location: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
referrer-policy: no-referrer
x-hubspot-correlation-id: c3d2f6d7-5d96-429f-a0cf-08a0a90fddb0
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 692b89392f7063bf-FRA

GET
H2 200 index.js Show response
go.chronicle.security/hs/hsstatic/HubspotToolsMenu/static-1.109/js/ 52 KB
20 KB 1ms
0ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3776708
x-amz-server-side-encryption: AES256
cf-ray: 692b893cdb515363-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Fri, 06 Aug 2021 19:39:07 GMT
server: cloudflare
etag: W/"d0801ffff23e81a99fd8046c0846ba93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcsJNGJUErF61iDx8tOLQtkDDbgKqb3bhxLvo8skke9USfsMU7boplA0hM6osW3BefYaSesu%2BMCJxtp7GKzxCEgxg2mBNSw%2FhY2Ul8HifESo2l%2BY5nTMOXQLocgQe2zeh73e8HmDFm0rkIZkAWCyBmmqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: WCB.Owk3aP2vvRplDI.5pUwB8LkSH.e_
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: pSsLw65tntFDEdA1Wfzw2gZ1r1sYewn82AJ23gwJ4tbHPJEd6QN2gQ==
expires: Thu, 22 Sep 2022 12:28:57 GMT

GET
H2 200 project.js Show response
go.chronicle.security/hs/hsstatic/cos-i18n/static-1.37/bundles/ 1 KB
1 KB 4ms
0ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/hs/hsstatic/cos-i18n/static-1.37/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8284975
x-amz-server-side-encryption: AES256
cf-ray: 692b893cdb525363-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C2
content-encoding: br
last-modified: Mon, 14 Jun 2021 16:41:38 GMT
server: cloudflare
etag: W/"6c562b3f1d6a0148fda97d4847422c6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJrG7Q0IuLqyEe0fftCOHmNXJMeMO8KQQIagqIGSBBN3TJvzgbWlQ9zqM6uyRhw6BRUG0rLZJBiK3VSSapzQ3z6YGS%2FVaGbIarJVeZDabRiiAO83OTPj%2BIRZUHeTteOZbdrK6wViWAHAsClaiQLhV0HV9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: M9oUePGbwt7hrJpARSIQzQLaIi7kmGEy
cache-control: public, max-age=31536000
set-cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737; path=/; domain=.go.chronicle.security; HttpOnly; Secure; SameSite=None
content-type: application/javascript
x-amz-cf-id: DUXbRLuhPxzxlhKqx2KMF2WMfvTtTR6IQDORvdAyUi-gNVGhIKhf-Q==
expires: Thu, 22 Sep 2022 12:28:57 GMT

GET
H2 200 v2.js Show response
go.chronicle.security/_hcms/forms/ 562 KB
144 KB 5ms
0ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377
x-amz-server-side-encryption: AES256
cf-ray: 692b893cdb535363-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-cf-pop: IAD89-C3
content-encoding: br
last-modified: Mon, 20 Sep 2021 03:06:45 UTC
server: cloudflare
etag: W/"630c4058cadb3fc715f112d2cf6b796a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLYTY2vSh6K926nJwOaHwq2U2LkRRHhUDET0C%2FkDf7dKwiJFuZUF0L%2BdAQvkjwuIKfmtn3ZPkpzfgRQu4SkKtxnb9OiqCPNwYEBMTKRUxZX2VI8nHFXtJTF%2BwVE%2FN6aJuPfkzNsTHqTGqP0%2B%2BGXc8fqzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: DXYshb3V7aEOuJ9zF5pU.Zf9sZWNVJnH
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
set-cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737; path=/; domain=.go.chronicle.security; HttpOnly; Secure; SameSite=None
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yNHNqDDhFn5105LjP1Jio3wwrJjuOVHAzY7hF-Bi8oSrn6A33ZTm_Q==
x-hs-target-asset: FormsNext/static-5.375/bundles/project_with_deps.js

GET
H2 200 jquery-1.7.1.js Show response
go.chronicle.security/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
35 KB 30ms
29ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:path: /hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
via: 1.1 89a45b9ac94fb6c6e52c37fdd89a6cb1.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15866871
cf-ray: 692b893d4bf55363-FRA
x-cache: Hit from cloudfront
content-encoding: br
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
etag: W/"ddb84c1587287b2df08966081ef063bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFN2HjAdun%2B%2BakVrYtTAS4bUQraWycD8IBQCZ2JS01s8gglqzWO1BMbiyRXYc%2FPOmwBNN%2FzX2p81Uvds5Ck8Nr543mvuA43ciRuEb46d2F2GOyUpPRtVYBwoJXUgaKT6TdQ17ibfZA4WKbkDyTQOH6gpYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: uvar5S_Za3dK85YyzXeF9Juu2xF5FRZKLPmzTFmNHquwiPqBpBjL9A==
expires: Thu, 22 Sep 2022 12:28:57 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1631885453430/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 59ms
21ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1631885453430/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1631885453477
date: Wed, 22 Sep 2021 12:28:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 427930
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFAdAeQQ1N3vpYdJCbunTZ35BKB4RBEb9DYOYWamhR37V%2BzbAQV4twGWunOOUyHHglXyJ4ltDQugkTjKHyXQAYO0fIK9%2BE4T72KBx2mFP%2B04DRQ1Jf0RSzEu5xjA2EVGjfPXyzsrKLt9T28LguU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
last-modified: Fri, 17 Sep 2021 13:30:54 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-C1
cf-ray: 692b893d780f4e20-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Google_Cloud_New.min.css
go.chronicle.security/hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/ 9 KB
3 KB 27ms
26ms Stylesheet
text/css 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.chronicle.security/hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/Google_Cloud_New.min.css
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe51d34c5ad99c66e22376a05b8932532034620bcc3e3f730b230d5b5819b75

Request headers

:path: /hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/Google_Cloud_New.min.css
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1620685565239
date: Wed, 22 Sep 2021 12:28:57 GMT
via: 1.1 b4346add631a498bf6cdbf88cbc5ff13.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 671
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: T46K6W5DTB2QRJXN
x-amz-id-2: zUfcsz4dnMB/0kj/diwHwqjhXeX2yKfj/QB8YB18bSv9ElN81xjbD6WWjDkRPSJ8M4fi8sNHlGs=
last-modified: Mon, 10 May 2021 22:26:06 GMT
server: cloudflare
etag: W/"78734167c137b4d31ced5eeac09c02ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqW8onXgH5A%2BQNFC9qyKG5e7kwmFxjU06CidVwKhQ7vQxJQTdkVmvtBA98ypwk2xTdz70AoLLaZsDS0qdYT8f956iJ2IJHwCCSizshd3ZWULwIyHcidfgAPGoxqZrePTcFaptkyPp6Ks%2Bbf%2FIoklVbmzwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: EcOKbMNKMCgExgjDVFN2RpD7vxl4fd.6
x-amz-cf-pop: IAD89-C1
cf-ray: 692b893d4bf75363-FRA
x-amz-cf-id: D4BWSY3NGucheOdz9EGM3J2kaqLso8A9UBQFcPlMz0XqgpYZwCI5XA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 62ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Source+Sans+Pro

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

981b06af9675762e267475ff94fc3387ae87f82b9ca4de81828a586bc4fe9904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 12:18:28 GMT
server: ESF
date: Wed, 22 Sep 2021 12:28:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 12:28:57 GMT

GET
H2 200 Google%20Cloud%20Security.png
go.chronicle.security/hs-fs/hubfs/ 19 KB
19 KB 697ms
697ms Image
image/png 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.chronicle.security/hs-fs/hubfs/Google%20Cloud%20Security.png?width=300&name=Google%20Cloud%20Security.png
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3504be3c9d9a850e0e3f2eaa347616ca7e6b8e90b153f97429ccce4e47ab05

Request headers

:path: /hs-fs/hubfs/Google%20Cloud%20Security.png?width=300&name=Google%20Cloud%20Security.png
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
via: 1.1 88b63cb2f8aab28c7291262ffc15282f.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-32318590705,P-2567647,FLS-ALL
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 19024
last-modified: Wed, 15 Sep 2021 08:49:20 GMT
server: cloudflare
etag: "0b7f798d9521f7e72f12369d3977e7b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4R10BOwNdFQgBwxdf9bwhF%2BUpojSroKWaC69dwZzXsAESYIyVJOKeZ9HuDcDysRt9AeAX4bKzlG8usdov9LBN7vrNs9Xumt15ENLThr7LxqjP%2BBZWJjQ2vpLHBLRqrRNFrI4j3t2cF1j5bMWW7uORgLTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 692b893d8c765363-FRA
x-amz-cf-id: KgLI2U87ypuRfFu0MqogYmettwinSHOisrzbQlQGXyrLk8KLX2QXtA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Chronicle_Cloud_logo.png
go.chronicle.security/hs-fs/hubfs/ 3 KB
4 KB 37ms
36ms Image
image/webp 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.chronicle.security/hs-fs/hubfs/Chronicle_Cloud_logo.png?width=180&name=Chronicle_Cloud_logo.png
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00af9ca31e70bc274c938dbbd9e0478834aa323447b09c416976d9f44c5aafa

Request headers

:path: /hs-fs/hubfs/Chronicle_Cloud_logo.png?width=180&name=Chronicle_Cloud_logo.png
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
via: 1.1 7e9d74c81117937f0703aa3977d2d999.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100714
cf-polished: origFmt=png, origSize=10796
edge-cache-tag: F-32458017384,P-2567647,FLS-ALL
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Chronicle_Cloud_logo.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 3514
x-amz-server-side-encryption: AES256
last-modified: Mon, 20 Sep 2021 05:12:56 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "3f6da40b808fe7d17d0eba74471de6d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BJ5pQ1NJ9CpWK13GFdfI2JzFsDfMyZESmbXlWigNr2Uo9woFa9AlbuWASpklj5C%2FvqF5IKsQB24gqN3t2snqS5XEBDgo9yNhbebGp7yuAca%2BN7BcECknHwyJL6Wdh36KIFciiwSuBYvjOuGER5Req%2BLlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 692b893d8c775363-FRA
x-amz-cf-id: ZPiaTmMEliQYF3nDpBX8-Y_bT2zxmuHu1pZHo2S8gp_feqfwQmxteQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 2567647.js Show response
go.chronicle.security/hs/scriptloader/ 2 KB
1 KB 146ms
145ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.chronicle.security/hs/scriptloader/2567647.js
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3301673c773e2d3777176d9cb51aa0345a44e76794b127a418dda3f3b0d9cdf6

Request headers

:path: /hs/scriptloader/2567647.js
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3db5d103-029d-4adb-9666-78e28ca92333
server: cloudflare
x-trace: 2BA5BF23FF4A22CE50DCAD9EA865F5518A2A9249CE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXZrxm1ERdhVbsO4IHAwwRhC5ae8oKajU5zQrTVog1klhNXe47PXhD%2BiVzLNX9mWBV%2FeX3iaCyP%2BsIPnzttYjV5dVAR6V5IIg7IBA3TTMQpmLsflHUOzNlZcnAJXUTex%2BP0lBZ%2Fb8Hq8vzLIvjZ3MEMa3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 692b893d8c785363-FRA
expires: Wed, 22 Sep 2021 12:29:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 24ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: go.chronicle.security
URL: https://go.chronicle.security/hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/Google_Cloud_New.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f859096ae2b753f5d7fec25ac5d59f567eeee8279ba6d42fe36c9f662e32ee51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/Google_Cloud_New.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 12:16:28 GMT
server: ESF
date: Wed, 22 Sep 2021 12:28:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Sep 2021 12:28:57 GMT

GET
H2 200 d02ed1c5-9dbf-4fc1-bf04-3f37430e8a7b Show response
go.chronicle.security/_hcms/forms//embed/v3/form/2567647/ 56 KB
8 KB 166ms
165ms Script
application/javascript 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/_hcms/forms//embed/v3/form/2567647/d02ed1c5-9dbf-4fc1-bf04-3f37430e8a7b?callback=hs_reqwest_0&hutk=

Requested by

Host: go.chronicle.security
URL: https://go.chronicle.security/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

369332b7f6d131bb5570271fd6c41659ab8dd2d24f37634ef3a3c05a0983fa12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /_hcms/forms//embed/v3/form/2567647/d02ed1c5-9dbf-4fc1-bf04-3f37430e8a7b?callback=hs_reqwest_0&hutk=
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 37ddae6c-4bb7-488b-aa70-eaf034384dd6
cf-ray: 692b893ded375363-FRA
content-disposition: attachment; filename=no-rfd.txt
vary: Accept-Encoding
server: cloudflare
x-trace: 2BE2518D9DB4BE74BF7B2E4131136C6DED3591BAFE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOcC0yPQmy%2FFUQ%2FOpkX4EgnTocNaomf31CR5pT5xk0%2BcEIssikKsV%2F5EyqJ%2FgBiuo3kNi%2FAqlNInwLLnEuzqHXvKBToGeSArWYTdw95iwiQb6EsbJbNWjC2IyNvCJzNtPeqqHVI6TRUVnRUjDmC4G9uVJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
770 B 215ms
177ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2567647&callback=jsonpHandler

Requested by

Host: go.chronicle.security
URL: https://go.chronicle.security/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: bc4345b4-8a1e-41c0-9513-adaea40d73af
x-trace: 2BCCD5EA87EC5689B73743133FA3C50AE85D0E430B000000000000000000
date: Wed, 22 Sep 2021 12:28:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 692b893e5b42430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 2567647.js Show response
js.hs-banner.com/ 62 KB
16 KB 42ms
22ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2567647.js
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/hs/scriptloader/2567647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e75760925c200e4fbaae0e2201397de7e4443a14dd66ffbda6be040873560aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 105
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 9YWW4JNQ1AYCCMR5
x-amz-id-2: 7uHpOb22uP01TX8OKQrJuenrZ1h5j0H09pDhmAxgCbccxmxmWp9y0DspYFCo97hitZpFcmf9ifc=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:38:00 GMT
server: cloudflare
etag: W/"650240f98e132ff19128173919612ca2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: j5T9VqU5yUaONePBw4AfeD38qbY.JJQ2
access-control-allow-origin: https://chronicle.security
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 692b893e9e542bb9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 22 Sep 2021 12:32:13 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 54ms
17ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/hs/scriptloader/2567647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832fcb7a625f828fb8cd99e39ef1b9abe50f1bc164a0aeeeed1ef15fa7505deb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
via: 1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 556
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9209/bundles/project.js&cfRay=692b7bab9c444345-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 16 Sep 2021 05:13:43 UTC
server: cloudflare
etag: W/"cecb2964faa8bf5b647ff0431628c01f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HAX2I11puR0RrwmgvE3LmLBDwNOOTMQz
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 692b893ebc09061c-FRA
x-amz-cf-id: o4rgcpFKxMw-y7hhYHmnXXfZl-ua5Sf5dVFs7QD-63GK_rEK1aLCJQ==
x-hs-target-asset: conversations-embed/static-1.9209/bundles/project.js

GET
H2 200 2567647.js Show response
js.hs-analytics.net/analytics/1632313500000/ 62 KB
20 KB 41ms
20ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1632313500000/2567647.js
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/hs/scriptloader/2567647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7fe50bf55f13fb3cb304746a6f8537149bfc03b12befa367be2a3cf1ac9e230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 105
x-amz-server-side-encryption: AES256
x-amz-request-id: R38SB4G801BZZKM2
x-amz-id-2: /ZQxKhFNxFHCK2TDeKShe8yBs2ssFAthYv3qS6P8Lxyt1Q+UIy6I2bJms9Z38u8UOnduJNDxb/4=
last-modified: Mon, 19 Jul 2021 14:25:36 GMT
server: cloudflare
etag: W/"abe9f1c9bd30b87bf492f1ba55d48317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 692b893e9fe442d5-FRA
expires: Wed, 22 Sep 2021 12:32:13 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
26 KB 58ms
21ms Script
application/javascript 2606:4700::6811:82ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/hs/scriptloader/2567647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

Request headers

Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Origin: https://go.chronicle.security
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
via: 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 16906
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.243/bundles/project.js&cfRay=6929ec842abf1f55-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 692b893eb9fcdfeb-FRA
last-modified: Mon, 26 Jul 2021 08:57:16 UTC
server: cloudflare
etag: W/"71e1b9bc533ea0484715e256cd176305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: B7tJDnPGhJYQnx9vLunWV_JVNjkGgLI4
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: fwX9Sqe_iGRqtpixuVxxP4HDlZMWN2_2zfAusJrUOgVcvkklKohbyw==
x-hs-target-asset: collected-forms-embed-js/static-1.243/bundles/project.js

GET
H2 200 widget Show response
go.chronicle.security/_hcms/livechat/ 505 B
1 KB 169ms
168ms XHR
application/json 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.chronicle.security/_hcms/livechat/widget?portalId=2567647&conversations-embed=static-1.9209&mobile=false&messagesUtk=9e7c2a35e6084e878984b83251d2e87e&traceId=9e7c2a35e6084e878984b83251d2e87e

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56dd801aadcf9ed9b031925d58f42b4d963b91e3d104e13e00f9b95f307977a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
x-hubspot-messages-uri: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:path: /_hcms/livechat/widget?portalId=2567647&conversations-embed=static-1.9209&mobile=false&messagesUtk=9e7c2a35e6084e878984b83251d2e87e&traceId=9e7c2a35e6084e878984b83251d2e87e
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 37c488a4-fe1d-4c33-b4dc-a981a0812b7d
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
x-trace: 2B6BBBC7C302F1BAA3A6A6F134B7BD233FFF1EF6B9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd4GLglimQ%2Fqgs1l3B2UvtB86xFv0jqAqO3Mb53Q%2Bb2KbIoXv2gXMbcICaxiUfjv3wfN8g8yhLr6o4zcRsu1jcj5nnWIKbKCySpjffc3%2B5LTCPY4yPcnUfp%2BNhtrX4PjcJeRek%2BmzoGiHAiNaz%2B3h9Tk1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
set-cookie: __cf_bm=cV.R.bvvfsF4DKIW1OMw0x1vsjtHcn8byNAvP2mUb64-1632313738-0-ARn9c8c4YnZgTyobh1f79CGHq2LA3U0UjOB696+pR1Mn9LqVZhqZsOHFGyVNdyIciCMuYaInQH4Ne2ENpkQAhiI=; path=/; expires=Wed, 22-Sep-21 12:58:58 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
cf-ray: 692b893efeed5363-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 136ms
114ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=2567647&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25286d703edf1bc82c9d35d812f5c0a65ffaf91f4fda670991fef8280bd9d8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a1e0fd44-982c-468c-8900-656e3e70b18a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrluNdP0U4W7Y57wmruh8B%2FA9I5JcVqeKgokyCdSOiChmsY%2FGUiiee0otIK6GjDNkP25UF7UPVRCAGTI2RmJ5pT9GJD7G14kgLaxGelmOM%2FVSgmVQd1SqEqw4maPp%2BSdHnV1i8ubN0tSdM0RMzKp"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://go.chronicle.security
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 692b893f4ffadfdb-FRA
access-control-allow-headers: *

GET
H2 404 contact-sales-arrow.svg
go.chronicle.security/images/contact/ 10 KB
10 KB 1310ms
1310ms Image
text/html 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.chronicle.security/images/contact/contact-sales-arrow.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

28263f6c7782433278b0582da738686c5c1367bdd1519017deb68350a2e74a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /images/contact/contact-sales-arrow.svg
pragma: no-cache
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.chronicle.security
referer: https://go.chronicle.security/hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/Google_Cloud_New.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/hs-fs/hub/2567647/hub_generated/template_assets/31299782834/1620685565141/Marketplace/HubSpot/Mahalo_Campaign_Pack/Coded_Files/Google_Cloud_New.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f121fa24-d085-4590-a396-681d752adc65
x-hubspot-notfound: true
x-hs-reason: No view mapper found to handle request
server: cloudflare
x-trace: 2B04F938CCDF39BC1987A82AB0C1C0E93C74BF314A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcIg1UXEi9M1EhwWk1NW%2FAAsUpUusMkFIY3vBBVWMKmmxcHrawv7%2B5NQ0jv2FW6DEH%2FKvSUulNRfFIpMDGw6f1AUdwlQDsZIOX9WYPEUHt74otKNe%2F5VgcgRC40DUIV2DHoIchvMV0sHJFqoQ%2Fgk8sRyrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: s-maxage=5,max-age=5
access-control-allow-credentials: false
cf-ray: 692b893f6fc85363-FRA

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
519 B 161ms
136ms Image
image/gif 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: a6338e70-46fc-4159-baf0-4b0de6e73396
x-trace: 2B7FB00B34AB454980A3901BEA332430173FAE5159000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 692b89402f4b4e43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner/activity/ 0
0 150ms
118ms Preflight
application/octet-stream 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/activity/view
Protocol: H2
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://go.chronicle.security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 22 Sep 2021 12:28:59 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://go.chronicle.security
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 692b8947d8652c2a-FRA

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner/activity/ 0
108 B 423ms
423ms XHR
text/plain 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/activity/view
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2567647.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 12:29:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 97bcd411-c81a-40a8-8d8a-336052112637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://go.chronicle.security
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 692b89489a3d2c2a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
523 B 32ms
31ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=2567647&pi=54488895316&ct=landing-page&ccu=https%3A%2F%2Fgo.chronicle.security%2Fthreat-hunting-and-detection-workshop&cpi=54488895316&lpi=54488895316&lvi=54488895316&pu=https%3A%2F%2Fgo.chronicle.security%2Fthreat-hunting-and-detection-workshop%3Futm_medium%3Demail%26_hsmi%3D162320072%26_hsenc%3Dp2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM%26utm_content%3D162320072%26utm_source%3Dhs_email&t=Threat+Hunting+and+Detection+Virtual+Workshop&cts=1632313739470&vi=e8f3a0c995bcffb7d36e10c86c106f71&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:59 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f21517c9-2b6b-4e5a-b3a2-ce8c5c21ae82
cf-ray: 692b8947ec29430f-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mwHuH6KiP6b5drK%2B0Mzapcb9ywtJmRmUTxn9qgg2zXAKSRH2C57g3Dg9j9QWNOiWcOX8OVsTAW%2FHRo5lCpoFIIl%2FgVpSqwm6V9%2Bu7E72T6AZli%2FGuxtwPf01Vlhg7nBk6OHnWP59bXV2snLLX8b"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
363 B 35ms
34ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=d02ed1c5-9dbf-4fc1-bf04-3f37430e8a7b&fci=e6df6e64-e5af-4ea2-a6d4-f74310dd003b&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=2567647&pi=54488895316&ct=landing-page&ccu=https%3A%2F%2Fgo.chronicle.security%2Fthreat-hunting-and-detection-workshop&cpi=54488895316&lpi=54488895316&lvi=54488895316&pu=https%3A%2F%2Fgo.chronicle.security%2Fthreat-hunting-and-detection-workshop%3Futm_medium%3Demail%26_hsmi%3D162320072%26_hsenc%3Dp2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM%26utm_content%3D162320072%26utm_source%3Dhs_email&t=Threat+Hunting+and+Detection+Virtual+Workshop&cts=1632313739477&vi=e8f3a0c995bcffb7d36e10c86c106f71&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:59 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2443a2d9-13c5-4319-ab60-a8e69b693781
cf-ray: 692b8947ec28430f-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz6a5fT78U4llC%2BOMIpC2VWPJSXyKH7csa92Ouz1k%2FhKf%2BS43rGOZaXzvAhydPe%2B6MfJSumitEPUqRMdwUHhyuDoqvrzYs8%2BUvg2Ok4K7Ix58ctUh9qfEBwsPCXLltukAjHfG2MWz1%2BrvRnltj%2BC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
360 B 33ms
32ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=d02ed1c5-9dbf-4fc1-bf04-3f37430e8a7b&fci=e6df6e64-e5af-4ea2-a6d4-f74310dd003b&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3169173831&v=1.1&a=2567647&pi=54488895316&ct=landing-page&ccu=https%3A%2F%2Fgo.chronicle.security%2Fthreat-hunting-and-detection-workshop&cpi=54488895316&lpi=54488895316&lvi=54488895316&pu=https%3A%2F%2Fgo.chronicle.security%2Fthreat-hunting-and-detection-workshop%3Futm_medium%3Demail%26_hsmi%3D162320072%26_hsenc%3Dp2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM%26utm_content%3D162320072%26utm_source%3Dhs_email&t=Threat+Hunting+and+Detection+Virtual+Workshop&cts=1632313739501&vi=e8f3a0c995bcffb7d36e10c86c106f71&nc=true&ce=false&pt=1&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:28:59 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9987a872-8cfc-46a8-a66f-68af10c10c5b
cf-ray: 692b8947ec25430f-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oc0%2FPrj0dIYW%2FPKF14uAh8ipfkra%2FPBMyEkDnk9aQ7%2BrqV3SirZteUTvMQkb6ayTF9us0bS1OnIj1NsAR7oF3MJL%2BnuCyFbolwCaZLgBuToeTjyuWGhUZ2jKft6gq2ugBEO5Ei50pKR5Z0O2%2BILL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 200 perf Show response
go.chronicle.security/_hcms/ 2 B
432 B 196ms
195ms XHR
text/plain 2606:2c40::c73c:67e4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.chronicle.security/_hcms/perf
Requested by: Host: go.chronicle.security
URL: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-fetch-mode: cors
origin: https://go.chronicle.security
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __cfruid=86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
content-length: 1010
:path: /_hcms/perf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: go.chronicle.security
referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://go.chronicle.security/threat-hunting-and-detection-workshop?utm_medium=email&_hsmi=162320072&_hsenc=p2ANqtz-8i_rnISc6srMKHvXJra6_pSKQUOG8qjHJlT1eF614ExeHFUzpWKE38Pi2HF5ugH2mzF_RVlXyRu_w9rgoCA3clKhA517OKrNprgxYKa9IzDDVjEHM&utm_content=162320072&utm_source=hs_email
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 692b895a5e8c5363-FRA
date: Wed, 22 Sep 2021 12:29:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 74f74db3-bfd4-455b-a65d-04b4bdf84780
x-trace: 2B81E2E101B4B770EBA3058C6ACFD09D326724E154000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2ivXgHmwR2x9NkSnUPhm1oYKLQ2T7xrWD0uHrUyCd6QR8cNNF6bVpuvIZSV7larsyjYPgMj2VjqxzBBMKggJKguP46r3oW3YH5iixhQi%2BHoXhHKQDQ3lZDWrEiA0IxWEm8Owbk5ivCDbSQnSW%2Bmw8FgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.go.chronicle.security/	1969-12-31 23:59:59	Name: __cfruid Value: 86f9ed3c958b0bbba312980bdff10f3a58ce8d7f-1632313737
			.hubspot.com/	1970-01-19 21:25:15	Name: __cf_bm Value: zZsdMcoi6YOJFKtB7XL8qg2prMN7rGrk3otZOWttwoA-1632313738-0-Ab+hKor+zG2KWovoCPDE6yjFze+/rR+a9wJknGcvGpB3oQOI3gB5IUqXPANtqMJphGHOMf5RVIhR4j66xHVommE=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go.chronicle.security/images/contact/contact-sales-arrow.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
cdn2.hubspot.net
cjjy104.na1.hubspotlinks.com
fonts.googleapis.com
forms.hsforms.com
forms.hubspot.com
go.chronicle.security
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.usemessages.com
track.hubspot.com
2606:2c40::c73c:67e4
2606:4700::6810:5905
2606:4700::6811:47b0
2606:4700::6811:82ab
2606:4700::6811:eecc
2606:4700::6811:f2cc
2606:4700::6812:15bf
2606:4700::6812:1f69
2606:4700::6813:9b53
2a00:1450:4001:830::200a
0a3504be3c9d9a850e0e3f2eaa347616ca7e6b8e90b153f97429ccce4e47ab05
25286d703edf1bc82c9d35d812f5c0a65ffaf91f4fda670991fef8280bd9d8df
28263f6c7782433278b0582da738686c5c1367bdd1519017deb68350a2e74a6e
3301673c773e2d3777176d9cb51aa0345a44e76794b127a418dda3f3b0d9cdf6
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
369332b7f6d131bb5570271fd6c41659ab8dd2d24f37634ef3a3c05a0983fa12
43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
832fcb7a625f828fb8cd99e39ef1b9abe50f1bc164a0aeeeed1ef15fa7505deb
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8c83ead4df620cfe935b691ddd20665037e1582cae7bb3440a9e439e6f144cd9
8d81720bea8d3a39122e320fd2193ebd2b93b0df3ebebe9e0bb6e2468e2f0f3e
981b06af9675762e267475ff94fc3387ae87f82b9ca4de81828a586bc4fe9904
9e75760925c200e4fbaae0e2201397de7e4443a14dd66ffbda6be040873560aa
b56dd801aadcf9ed9b031925d58f42b4d963b91e3d104e13e00f9b95f307977a
c7fe50bf55f13fb3cb304746a6f8537149bfc03b12befa367be2a3cf1ac9e230
d00af9ca31e70bc274c938dbbd9e0478834aa323447b09c416976d9f44c5aafa
d54b5614ad34a45accdf60e48627b786317e2287f91befd503035e37505ca076
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe51d34c5ad99c66e22376a05b8932532034620bcc3e3f730b230d5b5819b75
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14
f859096ae2b753f5d7fec25ac5d59f567eeee8279ba6d42fe36c9f662e32ee51

go.chronicle.security Open in urlscan Pro 2606:2c40::c73c:67e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

100 %IPv6

10 Domains

12 Subdomains

10 IPs

2 Countries

350 kBTransfer

1163 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.chronicle.security Open in urlscan Pro
2606:2c40::c73c:67e4 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

10
IPs

2
Countries

350 kB
Transfer

1163 kB
Size

2
Cookies

29 HTTP transactions
0 data transactions