awakesecurity.com Open in urlscan Pro
172.67.74.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Submission Tags: falconsandbox
Submission: On May 09 via api (May 9th 2022, 9:46:35 am UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 37 domains to perform 100 HTTP transactions. The main IP is 172.67.74.98, located in United States and belongs to CLOUDFLARENET, US. The main domain is awakesecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time awakesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	172.67.74.98 172.67.74.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.8.13.190 3.8.13.190	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.99.251.246 167.99.251.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1 4	18.168.5.55 18.168.5.55	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700::68... 2606:4700::6811:5d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:cacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
100	39

18 172.67.74.98 (United States)

ASN13335 (CLOUDFLARENET, US)

awakesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.8.13.190 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-13-190.eu-west-2.compute.amazonaws.com

hubspot.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:7::17d8:4dcc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.99.251.246 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.168.5.55 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-5-55.eu-west-2.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:5d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cacc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	awakesecurity.com awakesecurity.com	458 KB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 7344 app.hubspot.com — Cisco Umbrella Rank: 10904 track.hubspot.com — Cisco Umbrella Rank: 4194	23 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 755	118 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 13185	261 KB
5	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 24524 gs-cdn.optimonk.com — Cisco Umbrella Rank: 29857 jfapiprod.optimonk.com — Cisco Umbrella Rank: 27416	50 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	59 KB
5	gstatic.com fonts.gstatic.com	126 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 899 www.linkedin.com — Cisco Umbrella Rank: 787 px4.ads.linkedin.com — Cisco Umbrella Rank: 4880	3 KB
4	clearbitjs.com 1 redirects x.clearbitjs.com — Cisco Umbrella Rank: 35156	49 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3632	674 B
3	google.com www.google.com — Cisco Umbrella Rank: 20	674 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	2 KB
3	clearbit.com hubspot.clearbit.com — Cisco Umbrella Rank: 221452 ga.clearbit.com — Cisco Umbrella Rank: 57533 app.clearbit.com — Cisco Umbrella Rank: 37487	8 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 15177	33 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	427 B
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7740	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	114 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1589	7 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	52 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 922	322 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 6143	907 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 746	14 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5887	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 8857	22 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4062	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4045	16 KB
1	t.co t.co — Cisco Umbrella Rank: 563	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 800	354 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 963	10 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4381	983 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 17575	204 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1085	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	66 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 11255	147 KB
0	blindspot.ai Failed img.blindspot.ai Failed
100	37

	Domain	Requested by
18	awakesecurity.com	awakesecurity.com
7	cdn.cookielaw.org	awakesecurity.com cdn.cookielaw.org
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	www.google-analytics.com	www.googletagmanager.com cdn.bizible.com awakesecurity.com
5	fonts.gstatic.com	fonts.googleapis.com
4	api.hubspot.com	cdn.bizible.com static.hsappstatic.net
4	x.clearbitjs.com	1 redirects awakesecurity.com x.clearbitjs.com
3	www.google.de	awakesecurity.com
3	www.google.com	awakesecurity.com
3	front.optimonk.com	awakesecurity.com front.optimonk.com cdn.bizible.com
3	cdn.bizible.com	awakesecurity.com cdn.bizible.com
2	track.hubspot.com
2	www.facebook.com	awakesecurity.com
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	cdn.bizible.com
2	forms.hsforms.com	cdn.bizible.com
2	connect.facebook.net	awakesecurity.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	www.youtube.com	awakesecurity.com www.youtube.com
2	fonts.googleapis.com	awakesecurity.com js.hsforms.net
1	bam.nr-data.net	js-agent.newrelic.com
1	api.hubapi.com	cdn.bizible.com
1	js-agent.newrelic.com	awakesecurity.com
1	app.hubspot.com	js.usemessages.com
1	app.clearbit.com	cdn.bizible.com
1	ga.clearbit.com	www.googletagmanager.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	t.co	awakesecurity.com
1	analytics.twitter.com	awakesecurity.com
1	px4.ads.linkedin.com	awakesecurity.com
1	www.linkedin.com	1 redirects
1	gs-cdn.optimonk.com	front.optimonk.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.ads-twitter.com	awakesecurity.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.bizibly.com	awakesecurity.com
1	hubspot.clearbit.com	awakesecurity.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	awakesecurity.com
1	js.hsforms.net	awakesecurity.com
0	img.blindspot.ai Failed	awakesecurity.com
100	46

This site contains links to these domains. Also see Links.

Domain
www.arista.com
github.com
www.crowdstrike.com
twitter.com
www.linkedin.com
www.facebook.com
www.instagram.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
clearbit.com Amazon	`2021-08-27` - `2022-09-25`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2021-04-19` - `2022-05-21`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
gs-cdn.optimonk.com R3	`2022-04-14` - `2022-07-13`	3 months	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-04-13` - `2022-07-12`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
clearbitjs.com Amazon	`2022-02-18` - `2023-03-18`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Frame ID: FE8F6417EFD96AE99D86240ED29D5261
Requests: 90 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/3455675/threads/utk/b64a7f4c511e49f48648f09491bc38d8?uuid=af02b35d5f474a03aa8c84d26f9479ad&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=awakesecurity.com&inApp53=false&messagesUtk=b64a7f4c511e49f48648f09491bc38d8&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 861CCCF7A4AA1683AFFC598EA2F9003C
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6DDF5E52ECC083EB0BC2C25B834AE364
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Catching the White Stork in Flight with Multiple Techniques and Tools.Back ButtonFilter Button

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

100
Requests

97 %
HTTPS

64 %
IPv6

37
Domains

46
Subdomains

39
IPs

5
Countries

1682 kB
Transfer

4621 kB
Size

38
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.arista.com/en/company/news/press-release/11750-pr-20200928
Title: Awake Security is now Arista NDR

Search URL Search Domain Scan URL

URL: https://github.com/cobbr/SharpSploit
Title: SharpSploit

Search URL Search Domain Scan URL

URL: https://github.com/adrecon/ADRecon
Title: ADRecon

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/getting-the-bacon-from-cobalt-strike-beacon/
Title: CrowdStrike

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Catching%20the%20White%20Stork%20in%20Flight&url=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&via=AwakeSecurity
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&title=Catching%20the%20White%20Stork%20in%20Flight&summary=Executive%20Summary%20Arista%E2%80%99s%20Awake%20Labs%20team%20responded%20to%20a%20cybersecurity%20incident%20with%20a%20campaign%20that%20has%20been%20active%20since%20at%20least%20October%202020,%20which%20we%20are%20labeling%20Operation%20White%20Stork.%20This%20campaign%20utilized%20multiple%20techniques%20and%20tools%20including%20Cobalt%20Strike%20Beacon,%20the%20MetaSploit%20Framework,%20Mimikatz,%20SharpSploit%20and%20exfiltration%20using%20rclone.%20Awake%E2%80%99s%20analysis%20showed%20that%20the%20[%E2%80%A6]&source=https://awakesecurity.com/
Title: Share

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/kieran-evans-77632427/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/awake-security
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/AwakeSecurity
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AwakeSecurity/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/awake_security/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/AwakeSecurity
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.arista.com/en/privacy-policy#Cookie_Policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js HTTP 302
https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116994%26time%3D1652089586538%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fblog%252Fcatching-the-white-stork-in-flight%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQIzUTTaG37aQQAAAYCoNoV2wF80CuzR6u66vQPLtd0ULpukP22UXWmNNadk6QsQ3QYnq-Q

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
awakesecurity.com/blog/catching-the-white-stork-in-flight/ 116 KB
29 KB 753ms
717ms Document
text/html 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2968919dbc80c508f7ab0d60e7b1c9dfb7967135ff892f672c37963b325654cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 70898204f823916a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 May 2022 09:46:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://awakesecurity.com/?p=8841>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dD29OBJW3%2BrS5fC7QKDoS8kn7q8VRLu2jLIxEDl6fjyVxnXfyrZqw%2BU6KL4lcraf0nFjDqrkgmV2nThNPbMY9xWPlLLyLuCKQaAgWB92xxB5cuo%2BYwrRYXaIaIYv7tn98QO5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=300
traceparent: 00-fcce1b39dc3646f1a8c29766b7b861f0-db8d83690167087f-00
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cloud-trace-context: fcce1b39dc3646f1a8c29766b7b861f0/15820445553040754815;o=0
x-frame-options: deny
x-pantheon-styx-hostname: styx-fe4-b-6796575f45-qftvj
x-served-by: cache-mdw17357-MDW, cache-hhn4025-HHN
x-styx-req-id: e4542262-cf7c-11ec-a129-9eebd10ae2ff
x-timer: S1652089585.465009,VS0,VE671

GET
H2 200 style.min.css
awakesecurity.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 23ms
23ms Stylesheet
text/css 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2377175
x-pantheon-styx-hostname: styx-fe4-a-7c8dd69879-6w62l
x-cache: HIT, HIT
x-cloud-trace-context: 1d487caabf5d46c8897bf82b919217e0/11002988997109374712;o=0
content-encoding: br
x-served-by: cache-mdw17326-MDW, cache-fra19128-FRA
last-modified: Mon, 11 Apr 2022 16:42:31 GMT
server: cloudflare
traceparent: 00-1d487caabf5d46c8897bf82b919217e0-98b27832503c5ef8-00
x-timer: S1649712412.735449,VS0,VE2
etag: W/"62545a77-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSLYERMM13Bhyt5dnz5TIi32Ho8%2FrlWLr05%2BsSHbqhJdutLFnye%2BMtK1og5IFU7l6C69qQ175%2BJpOcwGfnYXKJMY4tBYRYdkQ8UIo2DRo6t0%2FsZG44EBngn6pVHAJF%2BVcQkR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: ec5072d6-b9b6-11ec-ac28-5a71cabf4831
expires: Wed, 12 Apr 2023 16:46:24 GMT
cache-control: max-age=31622400
cf-ray: 7089820999dc916a-FRA
x-cache-hits: 1, 1

GET
H2 200 awake.css
awakesecurity.com/wp-content/themes/awake19/assets/dist/ 70 KB
13 KB 24ms
24ms Stylesheet
text/css 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34cdaf5ee94e8484cb6ecfd7cdfba2d0078977550770df9dd08d4622507eb69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102696
cf-polished: origSize=91765
x-cache: HIT, MISS
x-cloud-trace-context: 60fe58973ab147218c820d5071a0167f/9584787486381495173;o=0
x-cache-hits: 1, 0
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17357-MDW, cache-fra19137-FRA
last-modified: Fri, 06 May 2022 18:53:26 GMT
server: cloudflare
traceparent: 00-60fe58973ab147218c820d5071a0167f-8504016fbd60d385-00
x-timer: S1651986890.032149,VS0,VE108
etag: W/"62756ea6-16675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZcDGGEAmyfVlZp4s66akhSP4B1irtz7yHN7II7Q2Bta96fElqAgfUmeADW3eUpT2P79G1A4E16ILS50JqJdj0l7JHfLMD5VU9KKegdoLWk4uJPkdZUdcouyDAwYQcrk%2FKyW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: c5f02888-ce8b-11ec-b7af-5a0cb69705dc
expires: Tue, 09 May 2023 05:00:25 GMT
cache-control: max-age=31622400
cf-ray: 7089820999e0916a-FRA
x-pantheon-styx-hostname: styx-fe4-b-6796575f45-qhppw

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.9.3

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67a5c517c6c560ab802ea399c5f6d4d7c0c261957d497c4006ae1ea9522f099d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 09:46:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 09:46:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H2 200 jquery.min.js Show response
awakesecurity.com/wp-includes/js/jquery/ 87 KB
32 KB 28ms
27ms Script
application/x-javascript 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4911099
x-pantheon-styx-hostname: styx-fe4-b-97f8fd4b8-8szp5
x-cache: HIT, HIT
x-cloud-trace-context: 961efcf8637c4101888e697bfbdd3473/7376377692587087726;o=0
content-encoding: br
x-served-by: cache-mdw17350-MDW, cache-fra19152-FRA
last-modified: Mon, 28 Feb 2022 17:32:02 GMT
server: cloudflare
traceparent: 00-961efcf8637c4101888e697bfbdd3473-665e286dffc4d76e-00
x-timer: S1647178487.115105,VS0,VE2
etag: W/"621d0712-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4t7%2BT7NPT%2FsA3ArosIpyhIGAn1KDPtsUcpUTTfiJJLAJ1LG1L95j%2FOknoq%2FX%2B%2BXyTVQDMdN0Kl%2Be22fjvqcx1CsEIeR0F0jX1aXjVg4cGta8s0JZmIWaOAhVEyPOZRqYsrIB"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: bf4935f0-98bc-11ec-bfc5-8a587e610aab
expires: Wed, 01 Mar 2023 17:34:57 GMT
cache-control: max-age=31622400
cf-ray: 7089820999e2916a-FRA
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
awakesecurity.com/wp-includes/js/jquery/ 11 KB
5 KB 23ms
23ms Script
application/x-javascript 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8992912
x-pantheon-styx-hostname: styx-fe4-a-949bdc85d-6sw8f
x-cache: HIT, HIT
x-cloud-trace-context: f797d9e8df9646dd9066d760cda7cf34/12928712588011154721;o=0
content-encoding: br
x-served-by: cache-mdw17325-MDW, cache-fra19178-FRA
last-modified: Mon, 24 Jan 2022 18:05:56 GMT
server: cloudflare
traceparent: 00-f797d9e8df9646dd9066d760cda7cf34-b36c03997b86ad21-00
x-timer: S1643096675.749507,VS0,VE1
etag: W/"61eeea84-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTifP4aE0io0giP%2BM%2BimPdOZscMedE4T4fhG0ObxCv7ZLrFunKgm%2FBWCwJemoG9%2F0p5kKbXb85lfJCQPQSBd5pMypEEw05f0Heh1xO6GcW%2FSkiXGYBsXvT5HzjvEFqNRBVOS"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 54255906-7d45-11ec-bb5f-4eff7083cf4e
expires: Wed, 25 Jan 2023 18:42:05 GMT
cache-control: max-age=31622400
cf-ray: 7089820999e4916a-FRA
x-cache-hits: 1, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 52ms
22ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g2v9xMx/aUUS06TIQnKQZA==
age: 5202
vary: Accept-Encoding
content-length: 6830
x-ms-lease-status: unlocked
last-modified: Mon, 09 May 2022 03:10:26 GMT
server: cloudflare
etag: 0x8DA31697706EB56
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 443ca994-101e-012b-3970-63ea0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 70898209c81923df-ZRH

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 105ms
24ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6367) /
Resource Hash: cbda94666db24554bf77638fc059848d381c3c98f7f24641fa830abcd5793de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 21:57:48 GMT
server: ECS (lhb/6367)
age: 24622
etag: "2d2f128cb60d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32300

GET
H2 200 gray-blade-l.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 2 KB
1 KB 35ms
34ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/gray-blade-l.svg?t=1651985550

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59724cd88aeb9ed1579086352c4eefc048cdc7207c3dbf8c450ac1030cc57d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102696
x-pantheon-styx-hostname: styx-fe4-a-57b6b95778-hx66m
x-cache: HIT, MISS
x-cloud-trace-context: ccbc4b32c6af4e1f8ba62609c33f4ecd/14216162062309073697;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17380-MDW, cache-fra19130-FRA
last-modified: Sun, 08 May 2022 04:52:30 GMT
server: cloudflare
traceparent: 00-ccbc4b32c6af4e1f8ba62609c33f4ecd-c549f41341512321-00
x-timer: S1651986890.320791,VS0,VE107
etag: W/"62774c8e-627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KHRYMbiuLpzQ6erUJjwNf%2Fk%2BEXCZiO5%2BCw1dxzk7Zde3qB59AC2I3%2B%2BTncGRKMKG9J%2BbHNJ7avlWdKhDvWIxTE4USqMQ5LLbKZ7yXr9Q5Dgu2BceiyiZeU6Nh4JAeMR5FBX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 09 May 2023 05:00:26 GMT
cache-control: max-age=31622400
cf-ray: 70898209faac916a-FRA
x-styx-req-id: c62a0fec-ce8b-11ec-8d43-e232e2aae1c4
x-cache-hits: 1, 0

GET
H2 200 gray-blade-r.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/gray-blade-r.svg?t=1651985550

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a66b75a0605cde41e287281ecb1232c00ebb98371a0c52b6067d2a5d1fbef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102696
x-pantheon-styx-hostname: styx-fe4-a-57b6b95778-jlsw2
x-cache: HIT, MISS
x-cloud-trace-context: afeefe9a40944be78761328702eea981/4093884977794607290;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17329-MDW, cache-fra19164-FRA
last-modified: Sun, 08 May 2022 04:52:30 GMT
server: cloudflare
traceparent: 00-afeefe9a40944be78761328702eea981-38d066b26cc168ba-00
x-timer: S1651986890.476387,VS0,VE240
etag: W/"62774c8e-615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTnimc9PI4bOiqZvc4PCkAzbKBfeL4MhCw8Y0o5VaFNRKc9RPT6lySOnGYa1YEJ7ds6Z64%2FNnjYsILVD1%2FrtkFHJW8OPLODtUHmKNyUe0%2BJtoYHCx94DquCdOK2%2BTo%2BrglvW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 09 May 2023 05:00:26 GMT
cache-control: max-age=31622400
cf-ray: 70898209faae916a-FRA
x-styx-req-id: c63d26b0-ce8b-11ec-9d5f-ee2ea0428e17
x-cache-hits: 1, 0

GET
H2 200 awake-white.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 12 KB
5 KB 25ms
25ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/awake-white.svg?t=1651985550?v2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d088bee0f421a9d84586b4e47c7b43b179d44377f656af2e6e4021d7baceb726

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102696
x-pantheon-styx-hostname: styx-fe4-b-6796575f45-rzg62
x-cache: HIT, MISS
x-cloud-trace-context: 50a90ea3182f48c6a5b914ffee026b33/7522047708444134287;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17375-MDW, cache-fra19132-FRA
last-modified: Fri, 06 May 2022 18:53:26 GMT
server: cloudflare
traceparent: 00-50a90ea3182f48c6a5b914ffee026b33-6863ae898d5a8b8f-00
x-timer: S1651986891.558162,VS0,VE103
etag: W/"62756ea6-2f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRVoudAekslLPEgC33mSpkqgRx2SXQvSZc19o2nwZg8LMdbqYtCWAQc9rt%2FDnkTm8%2BbYCnAKUsAuwjk96Pl7veETdRaEIvNnsHreGfd4f0CCLIMZGI0JKXBlo6aF9Tl7UHcp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 09 May 2023 05:00:26 GMT
cache-control: max-age=31622400
cf-ray: 70898209fab1916a-FRA
x-styx-req-id: c65c9207-ce8b-11ec-bfb2-a2a9bb26b25d
x-cache-hits: 1, 0

GET
H2 200 gtm4wp-form-move-tracker.js Show response
awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
871 B 34ms
34ms Script
application/x-javascript 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.15

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1542137a20a23276ec5664c54bb99113c42280bf1f699d035e6d12f2381c156

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1791863
cf-polished: origSize=1449
x-cache: HIT, MISS
x-cloud-trace-context: 0b1da910cccf4f56b119454b2ad3f2f9/9000694352746136416;o=0
x-cache-hits: 1, 0
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17356-MDW, cache-fra19129-FRA
last-modified: Mon, 18 Apr 2022 14:58:23 GMT
server: cloudflare
traceparent: 00-0b1da910cccf4f56b119454b2ad3f2f9-7ce8e3d37b4c4360-00
x-timer: S1650297724.810932,VS0,VE107
etag: W/"625d7c8f-5a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FDed%2FQ9evubfKG5PyXq27ySsB6tueI9caQaGoSBqbU9c%2BPz9KMIMbwtrAIT7TkoTF55t6ii15X%2BHmCFwSFB2maaiu%2FNWXcOLqnR8ThFuJAH2mAgz9QDgrks%2BIkUs4YG984J"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 99d63430-bf28-11ec-a1ba-564a52df1d80
expires: Wed, 19 Apr 2023 15:02:44 GMT
cache-control: max-age=31622400
cf-ray: 70898209da93916a-FRA
x-pantheon-styx-hostname: styx-fe4-b-555d558b88-jqprh

GET
H2 200 gtm4wp-youtube.js Show response
awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 6 KB
2 KB 24ms
24ms Script
application/x-javascript 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.15

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c25a34debe806536107459576591bbecd97abe950d97ea98eb7da8124fefb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1791863
cf-polished: origSize=7311
x-cache: HIT, MISS
x-cloud-trace-context: d488a6ad96594dfa942408968fb207ee/15761767026816134216;o=0
x-cache-hits: 1, 0
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17369-MDW, cache-fra19182-FRA
last-modified: Mon, 18 Apr 2022 14:58:20 GMT
server: cloudflare
traceparent: 00-d488a6ad96594dfa942408968fb207ee-dabd0b99f9d72c48-00
x-timer: S1650297724.832338,VS0,VE104
etag: W/"625d7c8c-1c8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smLNdUqpJU3CCfS4fNWhx8PJQ%2FCLD3xTXa24iY%2B%2FKw1HNB2SpMFVOjO1cVe30a3D9nQIfruy7J36S7GpoE4ayyyvAPIlI3%2BSY1g7War4g%2BN7BbbkXhzDer7quYsQ%2FHt3cKRH"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 1950c85c-bf28-11ec-a1ba-564a52df1d80
expires: Wed, 19 Apr 2023 14:59:08 GMT
cache-control: max-age=31622400
cf-ray: 70898209eaaa916a-FRA
x-pantheon-styx-hostname: styx-fe4-b-555d558b88-jqprh

GET
H2 200 awake.js Show response
awakesecurity.com/wp-content/themes/awake19/assets/dist/ 160 KB
46 KB 23ms
21ms Script
application/x-javascript 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.js?t=1651985550&ver=5.9.3

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d435074da875ff2017a093ab23d347cc660690697ff068f9eaadec22eae8a0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102696
cf-polished: origSize=166300
x-cache: HIT, MISS
x-cloud-trace-context: 7fff69ca4d3b45d2bd50622947022074/7649183681699126040;o=0
x-cache-hits: 1, 0
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17330-MDW, cache-hhn4057-HHN
last-modified: Fri, 06 May 2022 18:53:26 GMT
server: cloudflare
traceparent: 00-7fff69ca4d3b45d2bd50622947022074-6a275c0809641b18-00
x-timer: S1651986890.222532,VS0,VE105
etag: W/"62756ea6-2899c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI%2Ft%2FARaE1Gs1ZJ1iHuP3KH2TwryJfmc0np2TqeVlKiYGuF%2FWnGzfOitDNI8yRtvuyPY0s%2BPbWLT2NLfsvc%2BUzV%2FgjW4XpkQAjIKkQ3XZ85xsrBgbja6fhlx%2BqYBC6Fbz4Yw"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: c5e2d2e6-ce8b-11ec-8d43-e232e2aae1c4
expires: Tue, 09 May 2023 05:00:25 GMT
cache-control: max-age=31622400
cf-ray: 70898209faab916a-FRA
x-pantheon-styx-hostname: styx-fe4-a-57b6b95778-hx66m

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 74ms
42ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js?ver=5.9.3

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1201a7ade8b583fd9855901caec83fb98deae7c63cb5422c710eb89c371a53e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 03 May 2022 07:34:38 UTC
server: cloudflare
etag: W/"7fc363e633af7991a55db0edb86a2389"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPzTBI5IsxYZX7qo22StJNJJFcTyikpCSFZ4aRCMhoCcWDU3WUCXl12DIaJjZskM1cstR2OzOexxqi2ND2R%2FbNpVb%2F1a7wdP8oMU3UAT1r0ajiFx%2FuB%2B9q3tmAvwyDREdIYw6ckw1TR7OjHM"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: MZx47VT54ZncxhCATHluUTqB0LVHatTh
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7089820a3d770215-ZRH
x-amz-cf-id: hzZB9aRztrTmX05T7VeVZT-lQ67CbdfObui8pQVtBM47hGowqUC7DQ==
x-hs-target-asset: FormsNext/static-5.486/bundles/project_with_deps.js

GET
H2 200 6878499a-f407-49ea-a73e-544784ae21ce.json Show response
cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/ 4 KB
2 KB 47ms
19ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/6878499a-f407-49ea-a73e-544784ae21ce.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfebeb6103a4b33e61c6fa680145d5584e4e16de70205495f48bdb8bf49d52be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W+iHuChDUjJwPggoqmwJ+Q==
age: 3054
vary: Accept-Encoding
content-length: 1478
x-ms-lease-status: unlocked
last-modified: Wed, 06 Oct 2021 15:34:49 GMT
server: cloudflare
etag: 0x8D988DED53518CA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bb5935e5-201e-0123-09a1-24f178000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7089820a189123df-ZRH
expires: Mon, 09 May 2022 13:46:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
66 KB 49ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae8ea20dd3a3dbd0a0eaf4f108a370cce90582101f3c20ddf921b37ce820a04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67568
x-xss-protection: 0
last-modified: Mon, 09 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H2 200 cta-link-arrowhead-white.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 202 B
655 B 21ms
21ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/cta-link-arrowhead-white.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faca2a40969659b6bd6588bf951d7a1e95b60130c3b3906bf64f9c3f23d1267f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270787
x-pantheon-styx-hostname: styx-fe4-b-555d558b88-8g5bs
x-cache: HIT, HIT
x-cloud-trace-context: 3ac94ec0d756486e9f511b977327ea26/8994961427674145304;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17364-MDW, cache-fra19153-FRA
last-modified: Mon, 18 Apr 2022 14:58:21 GMT
server: cloudflare
traceparent: 00-3ac94ec0d756486e9f511b977327ea26-7cd485c2d8dba218-00
x-timer: S1651818800.673434,VS0,VE2
etag: W/"625d7c8d-ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivBC6ol3silPBY80B8W9AUnRtuSiuSMGbFy1iot%2FrSW3amORZ9la96g3Xni%2FOMqmm1O9lw4tCFrM0YhqbRPpfSrPntVfG5XxRbaPSwiYlUMcY6xY1IY9LynlkciwUnZ2%2FSA9"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 19 Apr 2023 15:34:32 GMT
cache-control: max-age=31622400
cf-ray: 70898209fab5916a-FRA
x-styx-req-id: 0b34fd36-bf2d-11ec-bbb0-022df9d6f5fb
x-cache-hits: 1, 1

GET
H2 200 awake-blue.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 14 KB
5 KB 20ms
20ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/awake-blue.svg?v2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad7be1450b1857107cbdaf03fd3e1c23c864d10c3c5c842454fdefc6f2ee58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1341247
x-pantheon-styx-hostname: styx-fe4-b-555d558b88-8g5bs
x-cache: HIT, HIT
x-cloud-trace-context: ba54f75755314f0abab98397c33a189e/11096991695400205409;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17344-MDW, cache-fra19154-FRA
last-modified: Mon, 18 Apr 2022 14:58:21 GMT
server: cloudflare
traceparent: 00-ba54f75755314f0abab98397c33a189e-9a006f270fc9fc61-00
x-timer: S1650748339.303912,VS0,VE3
etag: W/"625d7c8d-36cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hGFM4BXEAzSyvFWUGwRhVlfXY4eQAlmt8EbPdtUXBhMFYCCfP%2FSZ%2BwGemx7HdlJ7vSS9RgqARkHAENXJCgb9JhqkKDBSZccZmTffHjZOGYsjpDZWnKGDcwpF0G31nf4mOAv"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 19 Apr 2023 15:21:58 GMT
cache-control: max-age=31622400
cf-ray: 70898209fab7916a-FRA
x-styx-req-id: 4a0fd02a-bf2b-11ec-bbb0-022df9d6f5fb
x-cache-hits: 1, 1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:08:21 GMT
x-content-type-options: nosniff
age: 491885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:08:21 GMT

GET
H2 200 OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2
fonts.gstatic.com/s/quattrocento/v17/ 35 KB
35 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocento/v17/OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e232623c90033b45c4ca98c53ff6b4b5b6c54b1c2da2f05a3a1a7e68e2ca8f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 23:37:34 GMT
x-content-type-options: nosniff
age: 382132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35952
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 23:37:34 GMT

GET
H2 200 operation-white-stork-incident-response-timeline.png
awakesecurity.com/wp-content/uploads/2021/05/ 52 KB
52 KB 142ms
141ms Image
image/png 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/operation-white-stork-incident-response-timeline.png

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25a07abea29fb732abbcadbc34d98aff95a4629359c7201e5fe265a41f8a419

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-6796575f45-hfcpb
x-cache: HIT, MISS
x-cloud-trace-context: dc4600b8bab44022911699e6d4e12df4/9302119478551810852;o=0
strict-transport-security: max-age=300
content-length: 52986
x-served-by: cache-mdw17382-MDW, cache-fra19158-FRA
last-modified: Thu, 13 May 2021 21:44:54 GMT
server: cloudflare
traceparent: 00-dc4600b8bab44022911699e6d4e12df4-8117c46189529324-00
x-timer: S1652089586.292730,VS0,VE105
etag: "609d9dd6-cefa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykCsnXs1hfvLcmbI3o4SqhrnCGLjunIUZyccXnXpBEEUQsCYXUwX9H6vrM7A74l9gUWGCT9%2FpioH4r%2BBG1WA02moagLcx%2B2z3TyY1WHJp5V5ySTTpLbokiNZ4Lj3LoRBVhRA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: e2c27ef4-ce94-11ec-88fc-a6a612bb6465
expires: Tue, 09 May 2023 06:05:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 7089820a2b22916a-FRA
x-cache-hits: 1, 0

GET
H2 200 word-image-23.jpeg
awakesecurity.com/wp-content/uploads/2021/05/ 124 KB
125 KB 36ms
35ms Image
image/jpeg 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/word-image-23.jpeg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef000116a095a861514ad5de78a59ffd3fea4733bee92e71aacfbb36577001de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-5558bd685b-br574
x-cache: MISS, HIT
x-cloud-trace-context: cbf82f529a454016b4d2277c4550b626/1729371576801728983;o=0
strict-transport-security: max-age=300
content-length: 127303
x-served-by: cache-mdw17360-MDW, cache-hhn4035-HHN
last-modified: Thu, 13 May 2021 11:12:11 GMT
server: cloudflare
traceparent: 00-cbf82f529a454016b4d2277c4550b626-17fff64957ec99d7-00
x-timer: S1652089586.293738,VS0,VE2
etag: "609d098b-1f147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEoz%2F9LGkwgXafjZ9O7zYLcgrY35P0qiDGmRs6BUQTwPfJkxIyxO1WNnDz8FefWND%2B5PgoUnoLMT9U64hoU%2F5vUu%2BLmI52N%2F2xSInT%2BxBf2SAajIud4DkYKIavlxKLj8MA%2BL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: f2e94b19-cd1e-11ec-9121-0ad322577643
expires: Sun, 07 May 2023 09:28:54 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 7089820a2b24916a-FRA
x-cache-hits: 0, 1

GET
H2 200 word-image-24.jpeg
awakesecurity.com/wp-content/uploads/2021/05/ 126 KB
127 KB 147ms
147ms Image
image/jpeg 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/word-image-24.jpeg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1547a5df4d7720dfbf9fceaac844032e843742b2a471435775e0739409361736

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-57b6b95778-b6sfx
x-cache: HIT, MISS
x-cloud-trace-context: 4c0b1759868c44e8aa7a4c0856d9811a/14015020598549562218;o=0
strict-transport-security: max-age=300
content-length: 129271
x-served-by: cache-mdw17341-MDW, cache-fra19129-FRA
last-modified: Thu, 13 May 2021 11:12:18 GMT
server: cloudflare
traceparent: 00-4c0b1759868c44e8aa7a4c0856d9811a-c27f5afac854436a-00
x-timer: S1652089586.297235,VS0,VE107
etag: "609d0992-1f8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtarrJQYqsUeXu7s1U3LtT2U4brVBnbnXkqWZEGy8vmKiKLHqiG7An3%2Bphq53HXXiEAxkUCbj6SxwaLQokF%2B8C1MUCKNwxWtDmwbAUr3zdv5J7%2FFB6lbLd1uVml6lp2SDWEM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: f8b40820-ceee-11ec-bfe3-6e9836823935
expires: Tue, 09 May 2023 16:50:31 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 7089820a2b27916a-FRA
x-cache-hits: 1, 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a8edbef79c552317072ecd5809fbef66e060fdf4f837f8266ff78999c23b027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H2 200 cta-link-arrowhead.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 204 B
769 B 48ms
48ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/cta-link-arrowhead.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

827ad877bc995d3249dc37ce07b933b5783ee4a2cabf7ca9d6636b6e759ec50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6023633
x-pantheon-styx-hostname: styx-fe4-b-5577f5d7f8-mpvk6
x-cache: HIT, HIT
x-cloud-trace-context: d3ff3eabf354473093e91dcff4e7a96e/14644494633995948282;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17380-MDW, cache-fra19154-FRA
last-modified: Mon, 21 Feb 2022 20:09:37 GMT
server: cloudflare
traceparent: 00-d3ff3eabf354473093e91dcff4e7a96e-cb3bb2479e7150fa-00
x-timer: S1646065954.642903,VS0,VE2
etag: W/"6213f181-cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEGtDdgtV7m%2FYIx6vIFGlB1qOdIk7Z82PdmqZKO3siOjK8NXmGWLn7Z37ohbh6m2IgELzemVEOkI%2BWa4CA9%2FJRNB6Bm6cYkfHKMyeM0D13B4%2BASO57zP508%2BkgBay%2FAXfLqB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 22 Feb 2023 20:15:10 GMT
cache-control: max-age=31622400
cf-ray: 7089820a5b7c916a-FRA
x-styx-req-id: f8320d61-9352-11ec-b2c4-7a9f385dfc72
x-cache-hits: 1, 1

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq_p9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v24/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq_p9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47ea5256bfc4bb763ac4c6ee485c593f5647d6518a2bd77310d0290b09ff5155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:24:48 GMT
x-content-type-options: nosniff
age: 490898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12932
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:24:48 GMT

GET
H2 200 OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2
fonts.gstatic.com/s/quattrocento/v17/ 35 KB
35 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 20:59:38 GMT
x-content-type-options: nosniff
age: 391608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35872
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 20:59:38 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 58ms
30ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7089820ac9b523df-ZRH
access-control-allow-headers: Content-Type

GET
H2 200 forms.js Show response
hubspot.clearbit.com/v1/forms/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 4 KB
5 KB 239ms
175ms Script
application/javascript 3.8.13.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hubspot.clearbit.com/v1/forms/pk_eb94a3b23abc2d3ed2b6bf58e9046752/forms.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.13.190 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-8-13-190.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

33de01f1dce7eee5b5ea44986000f20ac585c04d34a29cd2b7f4791021455fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4355
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
content-type: application/javascript;charset=utf-8

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a4d8b401/www-widgetapi.vflset/ 154 KB
50 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a4d8b401/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

482866f926d0ddaff02efee02da8b54a6fe2de90bedec9d7c9bf1d1ae2c65834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 07:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51078
x-xss-protection: 0
last-modified: Thu, 05 May 2022 00:17:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 May 2023 07:27:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
304 B 18ms
18ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e6419d3e93ce475fada8cb84c9a3f8f3&_biz_s=d05e9&_biz_l=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&_biz_t=1652089586396&_biz_i=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&_biz_n=0&rnd=581659&cdn_o=a&_biz_z=1652089586397
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/63A5) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
last-modified: Thu, 05 May 2022 02:54:56 GMT
server: ECS (lhb/63A5)
age: 370290
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 26ms
17ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=e6419d3e93ce475fada8cb84c9a3f8f3&_biz_s=d05e9&_biz_l=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&_biz_t=1652089586400&_biz_i=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&rnd=237065&cdn_o=a&_biz_z=1652089586400
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/62A2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
last-modified: Thu, 05 May 2022 02:55:03 GMT
server: ECS (lhb/62A2)
age: 370283
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 100 KB
39 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-NDH7TG4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efef3c8dbafbf539e497c616457bfacef392ddbe7229328ca951beef231972a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39801
x-xss-protection: 0
last-modified: Mon, 09 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5237
date: Mon, 09 May 2022 08:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 09 May 2022 10:19:09 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 74ms
21ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dcc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 09:46:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=56645
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 43ms
21ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H2 200 3455675.js Show response
js.hs-scripts.com/ 2 KB
983 B 167ms
139ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3455675.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5439690d82314004da4f641bc4929a5a002367c14254d873f43d1ced12999c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 5edc07f7-5d57-4330-becd-ebb3f0dd703c
last-modified: Mon, 09 May 2022 08:55:32 GMT
server: cloudflare
x-trace: 2B4D49DA714E654E46F01C27E892CCB36454BC6BC2000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7089820b6d1b2397-ZRH
expires: Mon, 09 May 2022 09:47:26 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/37807/js/ 3 KB
2 KB 35ms
14ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/37807/js/preload.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

599285b3c4e8527aadfdf649f085dc0ddbc8aaa3cafe5408bf9bceae023b1d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"d53-KRhfcru87DBKoeVk9Kf+2+uNeA4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 28 KB
10 KB 64ms
12ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 16:26:14 GMT
etag: "1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9561
x-served-by: cache-iad-kiad7000056-IAD, cache-muc13935-MUC

GET
H2

200

tags.js Show response
x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/
Redirect Chain

https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js
https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

950 B
793 B

174ms
173ms

Script
application/javascript

18.168.5.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Server

18.168.5.55 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-5-55.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

59da0c2264893cbdf54acb776e32116e68c202024e5670be94782329242523cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
server: envoy
etag: W/"856272cacfcba332d066102ad85c88cd"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

Redirect headers

date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
server: envoy
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
content-type: text/html;charset=utf-8
location: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 55ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 9ss/Eqj86H33U1ELroo3MhC6/Fm1xds8eQ1UhCfrq5ospGjkwAO8dNN+IB21j1uqq7BF6m5xkIfUGt2SkXeh2g==
x-fb-trip-id: 720026100
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 09 May 2022 09:46:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 17487534
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5e61dc7b-401e-0111-7e6c-c4a9a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7089820b4a9423df-ZRH

GET dot.png
img.blindspot.ai/ 0
0

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/ Frame 0
0 164ms
135ms Preflight
text/plain 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://awakesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://awakesecurity.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7089820b8ff101fc-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 09 May 2022 09:46:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: cdc5d814-8d4f-4b7a-9bd9-9cdaa2dd9a4c
x-robots-tag: none
x-trace: 2BCA3231BC0335DC3B487D7B4F177DAC998FA9A1DA000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/ 11 KB
4 KB 162ms
147ms XHR
application/json 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/json?hutk=

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bffb4959816530e8bc2f20a253a30eb25f3a7757fd8481a63e733c0023cf12fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://awakesecurity.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: eaa97014-0add-4bb8-93f0-41f94c8e83a3
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2BD05B951EC3793197D70ACAAAE02DFD8A2E955886000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 7089820c78270200-ZRH
access-control-allow-headers: *

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
523 B 125ms
125ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=e6419d3e93ce475fada8cb84c9a3f8f3&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.02.16
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6384) /
Resource Hash: 24c9acfa313cfec8010a06f68b2143cbf9dc55d9e7b41f39776bf0f0c541433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
server: ECS (lhb/6384)
etag: 61297A68
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 218

GET
H2 200 preload-base.js Show response
front.optimonk.com/ 50 KB
16 KB 17ms
16ms Script
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.js?v=7df7d61e03

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/37807/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

afca0f094dd763124013b42ad25e4bdfa39d111e3e01689961199142e298bc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"c701-AJztdCeTWdLh7SO2t3dxJQBe5oc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/d9b7fdda-5ec5-4ee3-8cb3-a9513f87665f/ 60 KB
14 KB 46ms
46ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/d9b7fdda-5ec5-4ee3-8cb3-a9513f87665f/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

263971a8cab1ad0a5beb2f88b39a2b7937295ce9c4df96ad2eac055124ee2125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dJ4+19JkYmu3cFJeBnpC4g==
vary: Accept-Encoding
content-length: 13768
x-ms-lease-status: unlocked
last-modified: Wed, 06 Oct 2021 15:34:57 GMT
server: cloudflare
etag: 0x8D988DEDA34BCC6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: edb0cd51-701e-001d-2f7c-52010c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7089820b9b0623df-ZRH
expires: Mon, 09 May 2022 13:46:26 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1434865551&t=pageview&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=163429200&gjid=1126543166&cid=1703798914.1652089586&tid=UA-106883604-1&_gid=2014008312.1652089586&_r=1&gtm=2wg5405XLMPQR&z=513427017

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842977571/ 2 KB
2 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842977571/?random=1652089586506&cv=9&fst=1652089586506&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6350dc5fa1ebddf8791e7ad092f595be666e1dd67e317adcc7219d185548feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 524739641515499 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 168ms
147ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/524739641515499?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a65fceb8cb7cc054440ed4130ef0e55ec5f5d8c3067cbc485b5ffae0b59c634

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: mx5x9ksZ+g48U8wp/JMK27oEvHWrJOcWfokPAySybUuM/JIjI3lVGRSg4wuJJvZjsM3iuM91N1Zj7ZjlfFQL4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 09 May 2022 09:46:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1652089586680
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 94 KB
32 KB 31ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=7df7d61e03
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 7cdc558992cf8d77ea5e9fb2360e25aaf19eb850036f750657963044a5b3ca1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 0
x-guploader-uploadid: ADPycdswA-ghktfF4njiQ_WOtZN-ME1s4QoQGQsviShWynYGMF0Rrz_8WHsmaj0LSPUXp7h8fMo6CZEzhyFS9_TwfxuiBSMIgFo7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/05/2022 06:37:52
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"514bf3d0110bfc3d1e7378053e444d82"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=9qL8bg==, md5=UUvz0BEL/D0ec3gFPkRNgg==
x-goog-generation: 1651732664453193
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 96276
cdn-requestid: 82d8b25ee1d36568bfda922986182bf6
content-type: application/javascript
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106883604-1&cid=1703798914.1652089586&jid=163429200&gjid=1126543166&_gid=2014008312.1652089586&_u=aEBAAEAAQAAAAC~&z=584610512

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 May 2022 09:46:26 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116994%26time%3D1652089586538%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQIzUTTaG37aQQAAA...

0
265 B

210ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQIzUTTaG37aQQAAAYCoNoV2wF80CuzR6u66vQPLtd0ULpukP22UXWmNNadk6QsQ3QYnq-Q
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 21C712322FC5456BA7909D86C68147DD Ref B: FRAEDGE1113 Ref C: 2022-05-09T09:46:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXekRT8SrOG3Vy65ufU7Q==
x-li-fabric: prod-lor1

Redirect headers

date: Mon, 09 May 2022 09:46:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FA65787735C64782A58CBF22AF2069A9 Ref B: FRAEDGE1317 Ref C: 2022-05-09T09:46:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1652089586538&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQIzUTTaG37aQQAAAYCoNoV2wF80CuzR6u66vQPLtd0ULpukP22UXWmNNadk6QsQ3QYnq-Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXekRT5H3qLQJom80CjJw==

POST
H2 200 load Show response
front.optimonk.com/public/37807/js/ 0
347 B 28ms
13ms XHR
application/javascript 167.99.251.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/37807/js/load

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

167.99.251.246 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 13 KB
3 KB 24ms
24ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6kn6x4Mq//asafVxYG5LSA==
age: 3054
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:28 GMT
server: cloudflare
etag: 0x8D983BB627AC080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 289db995-201e-000e-7e1a-4834ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7089820c0bc423df-ZRH

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/ 46 KB
12 KB 23ms
21ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: x/n5vYdkes7sKCqU8TquDQ==
age: 3054
vary: Accept-Encoding
content-length: 11861
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:30 GMT
server: cloudflare
etag: 0x8D983BB63F26533
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b85bf4e8-801e-0080-20a1-247b4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7089820c0bc523df-ZRH

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 26ms
24ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 3054
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e0d36acb-f01e-0103-2b7c-519db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7089820c0bca23df-ZRH

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
354 B 156ms
124ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o1ivb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=3f21888f-665f-4b82-a124-3f9cc08d7c3f&tw_document_href=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 09 May 2022 09:46:25 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 1a4791b0cd5d27b42ca299319acf4f7abcc3fe5adecee5365fc603bcb7a7f5b1
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
337 B 250ms
116ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=o1ivb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=3f21888f-665f-4b82-a124-3f9cc08d7c3f&tw_document_href=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 09 May 2022 09:46:26 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e3ea442d0b5b294edaaaf1e5ca6863548ba08396008a470c26801c57dc52bf59
content-length: 43

GET
H2 200 /
www.google.com/pagead/1p-user-list/842977571/ 42 B
548 B 42ms
20ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842977571/?random=1652089586506&cv=9&fst=1652086800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&async=1&fmt=3&is_vtc=1&random=2260521543&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/842977571/ 42 B
548 B 52ms
24ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842977571/?random=1652089586506&cv=9&fst=1652086800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&async=1&fmt=3&is_vtc=1&random=2260521543&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=1703798914.1652089586&jid=163429200&_u=aEBAAEAAQAAAAC~&z=1593660285

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
31ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=1703798914.1652089586&jid=163429200&_u=aEBAAEAAQAAAAC~&z=1593660285

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 168ms
130ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 3455675.js Show response
js.hs-banner.com/ 60 KB
16 KB 268ms
223ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3455675.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f53e57a616ddec123535e664855afed010635d4fbe95c8853c32618ff9373fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 9YBN4574G6418EN0
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: tcpGDCmF/OhO4nBbqdqJ9yKLgWvJSmJZrD6JTDuR4wS1mscdSDigzbvOdEEv2hXqekerXwYZhAM=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 20:56:53 GMT
server: cloudflare
etag: W/"6e367a9a10e06aee76482a40b6b4dee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: qHE9Kvx3cWM_aBXCyb.o0mGO5MVpLWLW
access-control-allow-origin: https://awakesecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 7089820d283223f7-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 09 May 2022 09:51:26 GMT

GET
H2 200 3455675.js Show response
js.hs-analytics.net/analytics/1652089500000/ 62 KB
20 KB 265ms
223ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1652089500000/3455675.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b660838b195a80d6a5c09d6e015aeb156f2eec40e09c1a66e5cb6f9ab32c86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: XE5E3GN625CARQ5V
x-amz-server-side-encryption: AES256
cf-ray: 7089820d1869cc4a-ZRH
x-amz-id-2: i0KT/CwdMrKRChGwuTUZXFVGWPc1yRPmfZc5SEgnw/I/FyRS2+VVilZhpxLJwwtb5i9jfXAqhZc=
last-modified: Thu, 14 Apr 2022 15:16:27 GMT
server: cloudflare
etag: W/"8d9114d23d17e848f05d58a84e258da7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 09 May 2022 09:51:26 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
22 KB 59ms
24ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0dd8ccd27470010f5148a31d1d6dafee2ddccca06b73536e3219bcd790a4fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 1b6db55df4d0459558669f7d008cda9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 199
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10012/bundles/project.js&cfRay=70897d2dfd1401f0-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 02 May 2022 09:53:14 UTC
server: cloudflare
etag: W/"8363d6862ab9a465eec7a203c5b84613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ._Yaj2o2hXltYtvzDFlCLtnm8S2a0t3Z
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7089820d1a3d0225-ZRH
x-amz-cf-id: Cm4uXHSN4fFZDkfjZI0-YX7Em3lcPUIp0OQEghnw8aLywfisLAce4Q==
x-hs-target-asset: conversations-embed/static-1.10012/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 68ms
24ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 181
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.278/bundles/pixels-release.js&cfRay=70897d9d7eb101f0-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 26 Apr 2022 04:18:52 UTC
server: cloudflare
etag: W/"e23a3c7ef0fc6b7c55f83c4911c95be6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: sUKtDc7b2iEDZ57z7v16VeKnAVF7O_.0
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7089820d283423f7-ZRH
x-amz-cf-id: 3pEoXQnNa9JFVwQZ2aID8YS9Lv1u2oMVDOYMfjK32t5KU2904ZtcTw==
x-hs-target-asset: adsscriptloaderstatic/static-1.278/bundles/pixels-release.js

GET
H2 200 ga.js Show response
ga.clearbit.com/v1/ 6 KB
2 KB 252ms
234ms Script
application/javascript 3.8.13.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.clearbit.com/v1/ga.js?authorization=pk_eb94a3b23abc2d3ed2b6bf58e9046752

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.13.190 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-8-13-190.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

d6cb461487644ae6bb56e215a36f02e70750b9b62d2fb5fc99f1bd044face568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-api-version: 2019-12-19
vary: Accept-Encoding
x-account-id: 85746c66-8dc1-4570-a5f6-b04cdecd3885
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript;charset=utf-8
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 266ms
251ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3455675&conversations-embed=static-1.10012&mobile=false&messagesUtk=b64a7f4c511e49f48648f09491bc38d8&traceId=b64a7f4c511e49f48648f09491bc38d8

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674aa1b9d98ad20fbba108a5f0b096789bafacd70876879bbebb044bac31be9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7fdab1c9-6682-4c00-b749-0d56857978ba
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1511
server: cloudflare
x-trace: 2B45206B8C22D4F5D908A19B27C4BA62EC2D1EF3BF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqYOeANS5y%2Be0j%2FsoY7gVWsDBrh2%2BjPXskxJyqqi1L%2FVXVS8Le8SA7X3TuYDgVNMhfpG%2FLUIvhxW6YkX%2FAAcubxqCaD4LWSuvp6AnW4u6rOw7Vrkyouj%2B2MYJ7jt0oUBg4ZABPwpQsYF06bC1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7089820ebcb423c7-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 175ms
146ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://awakesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://awakesecurity.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7089820dba9e233d-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 09 May 2022 09:46:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZo1Wyd2wBvrRCpgYTwKosAOYYXFJeC9p3rZ9nhexQly4K%2FApbs%2FaRjDgQKTl52yj3Pvix0VOLwJ%2BK02KBZnbinZsz1DM8aLoZKKtJ0GtJ1WztmxMxh1XSqTr6K9RjgFPubMV4CGpOgtIzjNRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 1e583576-c021-418f-811c-74a028eca26d
x-trace: 2B9ACB2C1924DCE63E390F5F978A54312295981652000000000000000000

GET
H3 200 css
fonts.googleapis.com/ 2 KB
525 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?ver=5.9.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10f258f566ac632b83610f3970743e1a74a6340798860be6e2c4a691386819ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 09:05:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 09:46:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H2 200 email.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/hubspot-icons/ 584 B
920 B 17ms
17ms Image
image/svg+xml 172.67.74.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/hubspot-icons/email.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d6781923c1121af3b28d0a2d3c9749620616109cc7a1093901ca62dbf6ee53

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1651985550&ver=5.9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6023628
x-pantheon-styx-hostname: styx-fe4-a-6cdc754b6c-52br4
x-cache: HIT, HIT
x-cloud-trace-context: 3db3228772364a3c832a309ce9b618bc/2294493548528310937;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17369-MDW, cache-fra19132-FRA
last-modified: Mon, 21 Feb 2022 20:09:41 GMT
server: cloudflare
traceparent: 00-3db3228772364a3c832a309ce9b618bc-1fd7adb9c3749a99-00
x-timer: S1646065959.533828,VS0,VE2
etag: W/"6213f185-248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQo%2FDMBTXhVjoenCSfK1D0hs8DezeQfs1s7amCLx%2FODM8RqmCtTVwkv%2B%2BMwbQebcn8Sp5%2Fl0qK6UGl9IrV6UfkBXzP1TRbNTlUkKTsNObjaakRHeDq7S7MQuu5bxWwMQ6pm3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 22 Feb 2023 20:16:56 GMT
cache-control: max-age=31622400
cf-ray: 7089820daa63916a-FRA
x-styx-req-id: 374d8a35-9353-11ec-9ab9-1af57c8aabe7
x-cache-hits: 1, 1

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:13:57 GMT
x-content-type-options: nosniff
age: 491549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:13:57 GMT

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 5 KB
2 KB 222ms
221ms Script
application/javascript 18.168.5.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/destinations.min.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.5.55 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-5-55.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

d8993d64ad6f9facb9723d9762d0d12d7ff7ac504935840b952e51ecf346a533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: private, max-age=600
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 168 KB
45 KB 201ms
201ms Script
application/javascript 18.168.5.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tracking.min.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.5.55 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-5-55.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

208803e57a6a6d06cb7ff1e8a775caef1e02fa80d3d84587088ea04a79e7a8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: private, max-age=600
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 30ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524739641515499&ev=PageView&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&rl=&if=false&ts=1652089586917&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1652089586915.1552929697&it=1652089586515&coo=false&exp=p0&rqm=GET

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 09 May 2022 09:46:26 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1434865551&t=event&ni=1&_s=2&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHBAAEADQAAAAC~&jid=&gjid=&cid=1703798914.1652089586&tid=UA-106883604-1&_gid=2014008312.1652089586&gtm=2wg5405XLMPQR&cd1=company&cd2=WHK%20Controlling&cd3=whk-controlling.de&cd13=google_apps%2Cgoogle_maps%2Cgoogle_tag_manager%2Clinked_in_advertiser%2Cgoogle_analytics&cd4=Trading%20Companies%20%26%20Distributors&cd5=Trading%20Companies%20%26%20Distributors&cd11=DE&cd7=%240-%241M&cd6=1-10&cd8=8624511&z=1313236550

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 May 2022 17:54:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57102
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1434865551&t=event&ni=1&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHDAAEADQAAAAC~&jid=1924536851&gjid=380561521&cid=1703798914.1652089586&tid=UA-106883604-1&_gid=2014008312.1652089586&_r=1&_slc=1&cd2=WHK%20Controlling&cd3=whk-controlling.de&cd13=google_apps%2Cgoogle_tag_manager%2Clinked_in_advertiser%2Cgoogle_analytics&cd4=Trading%20Companies%20%26%20Distributors&cd5=Trading%20Companies%20%26%20Distributors&cd11=DE&cd6=1-10&cd8=8624511&cd15=company&cd9=unknown&cd10=unknown&z=720273554

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
519 B 233ms
176ms XHR
application/json 3.8.13.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.13.190 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-8-13-190.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Authorization, API-Version, Content-Type
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://awakesecurity.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106883604-1&cid=1703798914.1652089586&jid=1924536851&gjid=380561521&_gid=2014008312.1652089586&_u=aHDAAEADQAAAAC~&z=519343350

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 May 2022 09:46:27 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=1703798914.1652089586&jid=1924536851&_u=aHDAAEADQAAAAC~&z=1904427251

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=1703798914.1652089586&jid=1924536851&_u=aHDAAEADQAAAAC~&z=1904427251

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 09:46:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b64a7f4c511e49f48648f09491bc38d8 Show response
app.hubspot.com/conversations-visitor/3455675/threads/utk/ Frame 861C 45 KB
17 KB 205ms
177ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/3455675/threads/utk/b64a7f4c511e49f48648f09491bc38d8?uuid=af02b35d5f474a03aa8c84d26f9479ad&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=awakesecurity.com&inApp53=false&messagesUtk=b64a7f4c511e49f48648f09491bc38d8&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f85aed01d86afaf20e532575278774c5c2a39bdaf3d1c45766b79046f5cb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://awakesecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 708982107d1d01df-ZRH
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.12467/html/index.html&cfRay=708982107d1d01df&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F3455675%2Fthreads%2Futk%2Fb64a7f4c511e49f48648f09491bc38d8%3Fuuid%3Daf02b35d5f474a03aa8c84d26f9479ad%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dawakesecurity.com%26inApp53%3Dfalse%26messagesUtk%3Db64a7f4c511e49f48648f09491bc38d8%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fblog%252Fcatching-the-white-stork-in-flight%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fawakesecurity.com%2F&cfenv=prod&pdt=2022-05-09&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 09 May 2022 09:46:27 GMT
etag: W/"51715458c01714071b61dafdbd3156b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 02 May 2022 09:53:14 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
x-amz-cf-id: HiNqeqGggIKVuS9I18EKqdNHoXYSAXUR2gc2-2A_Df1RafFHEmBENA==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: Ir6MeZncWNked7PUsqDMI7unbWAh92NJ
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.12467/html/index.html
x-hs-worker-debug-mode: false

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6DDF 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://awakesecurity.com
Referer: https://awakesecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://awakesecurity.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 09 May 2022 09:46:27 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.203/ Frame 861C 43 KB
16 KB 58ms
31ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.203/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/3455675/threads/utk/b64a7f4c511e49f48648f09491bc38d8?uuid=af02b35d5f474a03aa8c84d26f9479ad&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=awakesecurity.com&inApp53=false&messagesUtk=b64a7f4c511e49f48648f09491bc38d8&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e8f0db124467ba13998321f98b5e1a2676bba6a1a4f332d86bda5e67a7193e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1439231
x-amz-server-side-encryption: AES256
cf-ray: 70898211e8f001f0-ZRH
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 17:43:58 GMT
server: cloudflare
etag: W/"7f32041ce4ae3e5ab88e0b0ea6ab18e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVNBvHf8%2F69ctiF1agS4XGtV7N4t0TBnxEqdMvHc2anbAuGoMEAcdWIkfCj4mVq6cjFG1OFe7JtEiuj%2FnMIR4WQ8rzCbN62SJlYlRLFUtY3TXJ9c%2B0U%2BGRqJ8d1b4hKtl3%2F470A1Qj%2FqDeCZk%2Bwmgolj9%2Fw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: UGiKWIpHu8m7uqqaj3K0FjiIdd4O1v_r
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 4WMFreRDaHqYK24gadD2jzAPCSw2duNYOx4zFQfq3haqw3hMLpOwxQ==
expires: Tue, 09 May 2023 09:46:27 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 861C 20 KB
5 KB 50ms
23ms Stylesheet
text/css 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 495987
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: PENDING
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1qaDYZ7sp0a6HNeuVvX2BJRSHH5V6ESeMN3t73rxBRODbTWY9RKHm00Ng6o8a6f%2F9XRc2QT70KJt7rjuJoYyq2Cj8wSMHeho%2BakUAWZ3%2FjM8OSfsVmji%2BMPZlsnU%2FBiD5WezyOrzPuP18Ui%2Fk5wBKuKEao%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 70898211e9f00225-ZRH
x-amz-cf-id: CZQxDwYpr8xiDmFhnVz8W9yyqbDpfMjv9kJOGhAWYSKhYaR6Z3mBEw==
expires: Tue, 09 May 2023 09:46:27 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.245/ Frame 861C 285 KB
92 KB 49ms
22ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.245/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71ed5e133bbae4e2ef1723946c5584c9d4896e0fbc2c0cafb55de43712b4720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1011171
x-amz-server-side-encryption: AES256
cf-ray: 70898211e8f201f0-ZRH
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Apr 2022 15:52:40 GMT
server: cloudflare
etag: W/"939fdf20ed52bee9b80cc045a31dd0dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diLL16v%2F4DO7TV3tdtN%2BbIII09JCPUV%2BZTLDJRjlPRox9SE2FTldy%2BPlBy%2FD%2F24TfXebGmvOddBzjXlMzvPsjA335klD%2F%2BYrzAWEK%2Bi6PXXfiVSaxS97kJpaPk2ZubFv8RgccL5ZW%2F4mBduMy%2FYecMu%2FJ9I%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NuQtwG3QB3159g7h2fjU0t2mShrFaIyk
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: dkyzKNhRbazZkLH_GBZj9R_Wah-rvi_S7fgdoxmzBw32u-1_sypMcg==
expires: Tue, 09 May 2023 09:46:27 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/ Frame 861C 506 KB
148 KB 57ms
30ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

640641f67d71f804fdc68413adbf92145b91fac27ac8e310402abc74916027ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
via: 1.1 136293f2894c59a2f91cf08997c7140a.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 561189
x-amz-server-side-encryption: AES256
cf-ray: 70898211e8f401f0-ZRH
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 02 May 2022 21:48:50 GMT
server: cloudflare
etag: W/"93612e1ff4989c33f139649cbbe580ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e71LichD41evEy%2Bt6XYtn7ZGM3g3GZi0eb08ewSc5DKyegbkWMp1P2UsUx3fvA0NS3g18Qr0oiyVx64eiD5mODF6Cxl3rH5ymxprlrJCm8dAQAtLBVDejii4ceJfHup%2FKRAPRO1tT9ZlGFDSiNUeuvYM8Bc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: c_ME8I9c5rS_VUPeb2G11xh.FkzqNYqo
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P4
content-type: application/javascript
x-amz-cf-id: OkAlCCAouLo8RnnFzRDiqhUBM4CzC5KuDWglPoNC79iOKSoRKwxhdg==
expires: Tue, 09 May 2023 09:46:27 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12345/ Frame 861C 776 B
1 KB 40ms
22ms Script
application/javascript 2606:4700::6811:5d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12345/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:5d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4539d65bbb4e63f0aa6cf4d575ef93999a2c3d22a3834fc2b1283b4722531c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
via: 1.1 1dc2ff77d1e8b23aad1d3301c4982860.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2376249
x-amz-server-side-encryption: AES256
cf-ray: 70898212df1d01e7-ZRH
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 21:46:08 GMT
server: cloudflare
etag: W/"86a4c873ef7ecdf9b2c0519ae1f7cabc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHrrNsGCEaOH7DEqQCxTJDNskve2Ml4tRH0jRMTt1Fh6M6RpffRs6OAbYRvlAfBGjQ7prlcXmybA8KU1sblU%2BjhzkjkiMj%2Fnz%2F6zm%2B44p66JxCL30jaewKhfe71ik%2FlLOS7b4NQecGhQMK6MySxyi9F4sKk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: ZkyW9K.WQcROxyOxhmlVF7b4.3qSqja5
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: CDG50-C2
content-type: application/javascript
x-amz-cf-id: Q9BWqVG-FUBWfoY-BtoTX1Sa4sfhyKudgDc7HsX4IodsMsoXq9v6hg==
expires: Tue, 09 May 2023 09:46:27 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 21ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: TG0A5SDZJ767Q1E7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: +SM8u7osfmExQLZWh68JZqQBrUjeaPn+iRiHCVB3IwlHIvvcrTZhMwzKZMUT8BlC+T+K2o8ok2g=
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1652089588.712043,VS0,VE0
date: Mon, 09 May 2022 09:46:27 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10141

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
428 B 291ms
290ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=552bf00a-3b99-46d5-ab7b-f3e36e880305&fci=58c01eac-bad8-4019-8fa8-28396aee438c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=3455675&rcu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&pu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&t=Catching+the+White+Stork+in+Flight+with+Multiple+Techniques+and+Tools.&cts=1652089587696&vi=655f0a9628dc01132e97c401ee7aac1c&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 973db530-a6d8-45e1-bcbf-1f5ecd24ddc9
cf-ray: 7089821338fa01df-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Qcf%2BzFvrPBoXgCp%2FJsqBjtPIdHCnC0Uw3rO5AYA9ryEeaxnC7oOaugXxbfERdBQ3CAPY6weLu%2FaUbIYcQpe1I4nO1QMf03avu1MJgp299QRM1xNY%2BLe4Pzg6e%2Fywr8jnUKSQW0OXk6%2Fc9xpRk9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
512 B 137ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=3455675&rcu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&pu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&t=Catching+the+White+Stork+in+Flight+with+Multiple+Techniques+and+Tools.&cts=1652089587698&vi=655f0a9628dc01132e97c401ee7aac1c&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 83ee337a-48f3-47c5-a205-0319281e7866
cf-ray: 7089821338fd01df-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0A%2FgaRTChO4Nd2yan6r7Ha09AxiGxMEHd6CXMRW3CjMLRYRZtF9Il9N%2F4SLPJDe1vov0MAhj3zFRiavsn3yg8p3Li3eoEBAuc947ydxl%2BXP6KFW4VlsDtX2pM6eDyj4F9yX8f7bkD6nIu2pZfQJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 65 B
907 B 496ms
453ms XHR
application/json 2606:4700::6811:cacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3455675

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d14562bdd7ab76c74ed43f655a6513f731cef5abea78fb3fe901fee4447dc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 38357f84-118a-484b-bfb5-379b905ce35d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BAFDBCB8E206B6913D58FE9DE15A16F0803468F0E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYky86B5xYR7%2BiEA8kgE3s8WzxTSaC3F7tCznL754%2FyM6lEZpLE34SizMIaJCxvC9sJllFNpi6JKvYyi%2BIFkJDvvaPRLphXF6nnrDhVtjvZ6Fy8mVmycKe5dlaM7vgIwXofwWEQEv%2BOgwSgI"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
access-control-allow-credentials: false
cf-ray: 708982137b2acc62-ZRH
access-control-allow-headers: *

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame 861C 0
1 KB 192ms
176ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12467

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12467/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 09 May 2022 09:46:27 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d58626c0-9482-4297-a5da-d51426f819c7
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ64Ecfc13yuQ5HBNf3RhqDCFw7Wu1w4mdbM4Hrrs%2FSOm0a3%2Fp4rctesBKOZwTp2gWHu2J7OqUhjsAbfoyBOdRzuRYZ7RkJPQFZ4OhsqP3fTQZgrZezeTT91cDbEeWAbcxu6b%2FFMNBZhjz37og%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 708982137b490200-ZRH
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/1134071/ Frame 861C 912 B
1 KB 429ms
419ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/1134071/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12467&conversations-visitor-ui=static-1.12467&traceId=b64a7f4c511e49f48648f09491bc38d8&sessionId=AMOaWbK987pu0qMZXXF__9dxgMvfk1ZTsbeJ-JIarA3zUEqOAEDhZIvpM8apfuWxFFM7GgqGtgG9RWQjRskvQtorPCvocoyOuC8LwCnznN0Hf_ewGWCdXdLq-exIJZOwlswwikDhEPERtsqwWo9tsoAYueNIGwobbIv-Yu0rOVT49IMCjPB3csk

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.203/bundle.production.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f59a6c62925970e28ef7eef18a8c569a556b9e7c0cee07b0ec7cd9405c6ffc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:46:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ef28443e-517a-434d-b7d9-4fef27bdc5ba
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2BA0BEE800E37DCAB8D5159B9ECDA2BBFA0F51F3E0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6E4dfDIsEVN0LvpsCA0%2FYbx67i62u68Y8uDhnzc59225rSjmPY6IpWHkhaP5TDKKEQwfA6CJCRwLd8IGIOzyuInNP2qPiRNj2ef1NtaU%2Bms5Sc18S1WKW3RrV2%2FummsDEo%2F9J%2B0ej4VeP3b9jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
cf-ray: 708982137b4d0200-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H/1.1 200
OK NRJS-64a4f7ef2e21bc2285c Show response
bam.nr-data.net/1/ 57 B
322 B 409ms
101ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-64a4f7ef2e21bc2285c?a=406231165&v=1216.487a282&to=MVUBZRFTXxVSV00PWggfIlIXW14IHERWFUE%3D&rst=2353&ck=1&ref=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&ap=530&be=778&fe=2299&dc=1002&perf=%7B%22timing%22:%7B%22of%22:1652089585389,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:14,%22c%22:14,%22s%22:22,%22ce%22:36,%22rq%22:36,%22rp%22:753,%22rpe%22:754,%22dl%22:756,%22di%22:1002,%22ds%22:1002,%22de%22:1003,%22dc%22:2299,%22l%22:2300,%22le%22:2313%7D,%22navigation%22:%7B%7D%7D&fp=855&fcp=855&at=HRICE1lJTBs%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 16ms
15ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dcc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 09:46:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=56643
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.blindspot.ai
URL: https://img.blindspot.ai/dot.png?gtmcb=696281624

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: dbz4BC-3B7o
.youtube.com/	1970-01-20 07:14:01	Name: VISITOR_INFO1_LIVE Value: dEuXFFt18ZQ
.awakesecurity.com/	1970-01-20 11:40:25	Name: _biz_uid Value: e6419d3e93ce475fada8cb84c9a3f8f3
.awakesecurity.com/	1970-01-20 02:54:51	Name: _biz_sid Value: d05e9
.awakesecurity.com/	1970-01-20 11:40:25	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 11:40:25	Name: _BUID Value: e6419d3e93ce475fada8cb84c9a3f8f3
.awakesecurity.com/	1970-01-20 05:04:25	Name: _gcl_au Value: 1.1.479694911.1652089586
.bizibly.com/	1970-01-20 11:40:25	Name: _BUID Value: ffe9788391036ceb7fd9cf7fd01bfe44
.awakesecurity.com/	1970-01-20 11:40:25	Name: _biz_pendingA Value: %5B%5D
.awakesecurity.com/	1970-01-20 20:26:01	Name: _ga Value: GA1.2.1703798914.1652089586
.awakesecurity.com/	1970-01-20 02:56:15	Name: _gid Value: GA1.2.2014008312.1652089586
.awakesecurity.com/	1970-01-20 02:54:49	Name: _gat_cb252020 Value: 1
awakesecurity.com/	1970-01-20 11:40:25	Name: optiMonkClientId Value: f3d4b911-e403-031d-d733-6e2807f90015
.doubleclick.net/	1970-01-20 02:54:50	Name: test_cookie Value: CheckForPermission
.awakesecurity.com/	1970-01-20 11:40:25	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+May+09+2022+09%3A46%3A26+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&consentId=8fd170d9-dd49-47c7-99de-248698d55cc9&interactionCount=0&landingPath=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0&hosts=H31%3A0%2CH30%3A0%2CH40%3A0%2CH26%3A0%2CH1%3A0%2CH27%3A0%2CH28%3A0%2CH29%3A0%2CH15%3A0%2CH32%3A0%2CH6%3A0%2CH18%3A0%2CH33%3A0%2CH34%3A0%2CH35%3A0%2CH12%3A0
.awakesecurity.com/	1970-01-20 11:40:25	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.twitter.com/	1970-01-20 20:26:01	Name: personalization_id Value: "v1_QeSX9trWMvcGmjrNaSyo3g=="
.linkedin.com/	1970-01-20 03:38:01	Name: UserMatchHistory Value: AQI3frhdGqVSxAAAAYCoNoPiMINjnJQY75KxKkE_ntp1tBx1s1cbI_ZzrAVda70RCM4FR--RCXfS-A
.linkedin.com/	1970-01-20 03:38:01	Name: AnalyticsSyncHistory Value: AQIcqQ6uM8RCFgAAAYCoNoPiUMjZEF2Oealm7T0YHXqwMOyEEBlUvj_uB-lmv0RJ91BbkIAALqPsJ5I3su8uJw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:26:43	Name: bcookie Value: "v=2&0e19b959-7ce2-421d-8f3b-2645308a57c0"
.linkedin.com/	1970-01-20 02:56:15	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2296:u=1:x=1:i=1652089586:t=1652175986:v=2:sig=AQGp9E3QizGXSevFnf-VYyMIG3Pq1jMO"
.t.co/	1970-01-20 20:26:01	Name: muc_ads Value: 53172d8f-ab2b-4611-92df-41ec2e67afc3
.awakesecurity.com/	1970-01-20 05:04:25	Name: _fbp Value: fb.1.1652089586915.1552929697
.facebook.com/	1970-01-20 05:04:25	Name: fr Value: 0aCS7n6kvcUCTdIkX..BieOLy...1.0.BieOLy.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:26:43	Name: bscookie Value: "v=1&20220509094626b4994bf4-00b7-4331-851f-bab52c89c0dcAQFqt_wj9sZojZe4yCZhJ-NHiDqkWyvu"
.linkedin.com/	1970-01-20 20:19:25	Name: li_gc Value: MTswOzE2NTIwODk1ODY7MjswMjFr10D5Q55GEirTOeDKQO5OpPx238yOlxZrzPyVcjRNBA==
.awakesecurity.com/	1970-01-20 02:54:49	Name: _gat_awake_security___all_website_data_Clearbit Value: 1
.awakesecurity.com/	1970-01-20 11:40:25	Name: cb_user_id Value: null
.awakesecurity.com/	1970-01-20 11:40:25	Name: cb_group_id Value: null
.awakesecurity.com/	1970-01-20 11:40:25	Name: cb_anonymous_id Value: %228509a8f1-dde8-4bcd-9e72-dcb7f694d133%22
.hubspot.com/	1970-01-20 02:54:51	Name: __cf_bm Value: vWqu94B00Ix6B121njn3FqC48v7JDX7WOc0k3PYnyi0-1652089587-0-AWhzio63d1mUsbkyhjHEhTOi+AeI4xaffBQjn3EWeGGidxSFw3m93jta6GjPLNHyfooxF/JTii2ZqK/m9rr9Pu8=
.awakesecurity.com/	1970-01-20 07:14:01	Name: __hstc Value: 52274294.655f0a9628dc01132e97c401ee7aac1c.1652089587692.1652089587692.1652089587692.1
.awakesecurity.com/	1970-01-20 07:14:01	Name: hubspotutk Value: 655f0a9628dc01132e97c401ee7aac1c
.awakesecurity.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.awakesecurity.com/	1970-01-20 02:54:51	Name: __hssc Value: 52274294.1.1652089587692
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: cb76448e0398a719

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.blindspot.ai/dot.png?gtmcb=696281624 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.hubapi.com
api.hubspot.com
app.clearbit.com
app.hubspot.com
awakesecurity.com
bam.nr-data.net
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
front.optimonk.com
ga.clearbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
hubspot.clearbit.com
img.blindspot.ai
jfapiprod.optimonk.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
static.hsappstatic.net
stats.g.doubleclick.net
t.co
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
x.clearbitjs.com
img.blindspot.ai
104.244.42.195
104.244.42.69
13.107.42.14
138.199.37.226
142.250.184.226
151.101.2.137
152.195.15.58
162.247.242.19
167.99.251.246
172.67.74.98
18.168.5.55
199.232.188.157
2606:4700:10::6814:b844
2606:4700:4400::6812:21ab
2606:4700::6810:5905
2606:4700::6810:9440
2606:4700::6811:45b0
2606:4700::6811:5d2
2606:4700::6811:73b0
2606:4700::6811:b649
2606:4700::6811:cacc
2606:4700::6811:d2cc
2606:4700::6811:eecc
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9b
2a02:26f0:3500:7::17d8:4dcc
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:181:face:b00c:0:25de
3.8.13.190
34.117.177.207
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f258f566ac632b83610f3970743e1a74a6340798860be6e2c4a691386819ac
1201a7ade8b583fd9855901caec83fb98deae7c63cb5422c710eb89c371a53e7
142e1cd28809b7bbe61123941a3a70a045a5c1fa864c97574b32abd94f4b4229
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1547a5df4d7720dfbf9fceaac844032e843742b2a471435775e0739409361736
1ad7be1450b1857107cbdaf03fd3e1c23c864d10c3c5c842454fdefc6f2ee58c
1f4539d65bbb4e63f0aa6cf4d575ef93999a2c3d22a3834fc2b1283b4722531c
208803e57a6a6d06cb7ff1e8a775caef1e02fa80d3d84587088ea04a79e7a8ea
24c9acfa313cfec8010a06f68b2143cbf9dc55d9e7b41f39776bf0f0c541433e
263971a8cab1ad0a5beb2f88b39a2b7937295ce9c4df96ad2eac055124ee2125
2968919dbc80c508f7ab0d60e7b1c9dfb7967135ff892f672c37963b325654cf
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
33de01f1dce7eee5b5ea44986000f20ac585c04d34a29cd2b7f4791021455fd6
34cdaf5ee94e8484cb6ecfd7cdfba2d0078977550770df9dd08d4622507eb69c
3b660838b195a80d6a5c09d6e015aeb156f2eec40e09c1a66e5cb6f9ab32c86d
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
47ea5256bfc4bb763ac4c6ee485c593f5647d6518a2bd77310d0290b09ff5155
482866f926d0ddaff02efee02da8b54a6fe2de90bedec9d7c9bf1d1ae2c65834
4a65fceb8cb7cc054440ed4130ef0e55ec5f5d8c3067cbc485b5ffae0b59c634
59724cd88aeb9ed1579086352c4eefc048cdc7207c3dbf8c450ac1030cc57d3b
599285b3c4e8527aadfdf649f085dc0ddbc8aaa3cafe5408bf9bceae023b1d1b
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
59da0c2264893cbdf54acb776e32116e68c202024e5670be94782329242523cd
5a66b75a0605cde41e287281ecb1232c00ebb98371a0c52b6067d2a5d1fbef48
5e232623c90033b45c4ca98c53ff6b4b5b6c54b1c2da2f05a3a1a7e68e2ca8f5
63c25a34debe806536107459576591bbecd97abe950d97ea98eb7da8124fefb0
640641f67d71f804fdc68413adbf92145b91fac27ac8e310402abc74916027ef
674aa1b9d98ad20fbba108a5f0b096789bafacd70876879bbebb044bac31be9e
67a5c517c6c560ab802ea399c5f6d4d7c0c261957d497c4006ae1ea9522f099d
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7cdc558992cf8d77ea5e9fb2360e25aaf19eb850036f750657963044a5b3ca1c
827ad877bc995d3249dc37ce07b933b5783ee4a2cabf7ca9d6636b6e759ec50b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8d14562bdd7ab76c74ed43f655a6513f731cef5abea78fb3fe901fee4447dc5e
8e8f0db124467ba13998321f98b5e1a2676bba6a1a4f332d86bda5e67a7193e0
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595
9a8edbef79c552317072ecd5809fbef66e060fdf4f837f8266ff78999c23b027
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5439690d82314004da4f641bc4929a5a002367c14254d873f43d1ced12999c8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8ea20dd3a3dbd0a0eaf4f108a370cce90582101f3c20ddf921b37ce820a04c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afca0f094dd763124013b42ad25e4bdfa39d111e3e01689961199142e298bc6e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b4f85aed01d86afaf20e532575278774c5c2a39bdaf3d1c45766b79046f5cb61
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfebeb6103a4b33e61c6fa680145d5584e4e16de70205495f48bdb8bf49d52be
bffb4959816530e8bc2f20a253a30eb25f3a7757fd8481a63e733c0023cf12fb
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbda94666db24554bf77638fc059848d381c3c98f7f24641fa830abcd5793de7
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d088bee0f421a9d84586b4e47c7b43b179d44377f656af2e6e4021d7baceb726
d435074da875ff2017a093ab23d347cc660690697ff068f9eaadec22eae8a0dd
d6cb461487644ae6bb56e215a36f02e70750b9b62d2fb5fc99f1bd044face568
d8993d64ad6f9facb9723d9762d0d12d7ff7ac504935840b952e51ecf346a533
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0dd8ccd27470010f5148a31d1d6dafee2ddccca06b73536e3219bcd790a4fad
e1542137a20a23276ec5664c54bb99113c42280bf1f699d035e6d12f2381c156
e25a07abea29fb732abbcadbc34d98aff95a4629359c7201e5fe265a41f8a419
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ef000116a095a861514ad5de78a59ffd3fea4733bee92e71aacfbb36577001de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efef3c8dbafbf539e497c616457bfacef392ddbe7229328ca951beef231972a8
f53e57a616ddec123535e664855afed010635d4fbe95c8853c32618ff9373fc0
f5699a9f1ae7a130fcd36591551ae1443606804654acae67173e1c9dda43848b
f59a6c62925970e28ef7eef18a8c569a556b9e7c0cee07b0ec7cd9405c6ffc0b
f6350dc5fa1ebddf8791e7ad092f595be666e1dd67e317adcc7219d185548feb
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f71ed5e133bbae4e2ef1723946c5584c9d4896e0fbc2c0cafb55de43712b4720
f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69
f7d6781923c1121af3b28d0a2d3c9749620616109cc7a1093901ca62dbf6ee53
faca2a40969659b6bd6588bf951d7a1e95b60130c3b3906bf64f9c3f23d1267f
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596

awakesecurity.com Open in urlscan Pro 172.67.74.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

97 %HTTPS

64 %IPv6

37 Domains

46 Subdomains

39 IPs

5 Countries

1682 kBTransfer

4621 kBSize

38 Cookies

14 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

awakesecurity.com Open in urlscan Pro
172.67.74.98 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

97 %
HTTPS

64 %
IPv6

37
Domains

46
Subdomains

39
IPs

5
Countries

1682 kB
Transfer

4621 kB
Size

38
Cookies

100 HTTP transactions
1 data transactions