awakesecurity.com Open in urlscan Pro
104.26.15.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Submission Tags: falconsandbox
Submission: On June 24 via api (June 24th 2022, 12:52:56 am UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 37 domains to perform 100 HTTP transactions. The main IP is 104.26.15.86, located in United States and belongs to CLOUDFLARENET, US. The main domain is awakesecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2022. Valid for: a year.

This is the only time awakesecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	104.26.15.86 104.26.15.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	18.169.82.163 18.169.82.163	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c24a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.245.25.14 157.245.25.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1 4	18.169.62.151 18.169.62.151	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
5	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	40

18 104.26.15.86 (United States)

ASN13335 (CLOUDFLARENET, US)

awakesecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.169.82.163 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-82-163.eu-west-2.compute.amazonaws.com

hubspot.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ef::5c7b:c24a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.25.14 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.169.62.151 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-62-151.eu-west-2.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	awakesecurity.com awakesecurity.com	458 KB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4290 track.hubspot.com — Cisco Umbrella Rank: 2144 app.hubspot.com — Cisco Umbrella Rank: 5854	24 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	119 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6868	263 KB
5	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 22058 gs-cdn.optimonk.com — Cisco Umbrella Rank: 26794 jfapiprod.optimonk.com — Cisco Umbrella Rank: 24440	51 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	58 KB
5	gstatic.com fonts.gstatic.com	126 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	clearbitjs.com 1 redirects x.clearbitjs.com — Cisco Umbrella Rank: 13967	49 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5448	718 B
3	google.com www.google.com — Cisco Umbrella Rank: 8	718 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	2 KB
3	clearbit.com hubspot.clearbit.com — Cisco Umbrella Rank: 113983 ga.clearbit.com — Cisco Umbrella Rank: 38935 app.clearbit.com — Cisco Umbrella Rank: 14451	9 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7048	33 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	109 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	7 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4450	4 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 107	52 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	721 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3680	914 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 412	14 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3409	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4780	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	20 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	355 B
1	t.co t.co — Cisco Umbrella Rank: 455	337 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2291	981 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 8307	202 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 766	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	68 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6630	147 KB
0	blindspot.ai Failed img.blindspot.ai Failed
100	37

	Domain	Requested by
18	awakesecurity.com	awakesecurity.com
7	cdn.cookielaw.org	awakesecurity.com cdn.cookielaw.org
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	www.google-analytics.com	www.googletagmanager.com cdn.bizible.com awakesecurity.com
5	fonts.gstatic.com	fonts.googleapis.com
4	api.hubspot.com	cdn.bizible.com static.hsappstatic.net
4	x.clearbitjs.com	1 redirects awakesecurity.com x.clearbitjs.com
3	www.google.de	awakesecurity.com
3	www.google.com	awakesecurity.com
3	front.optimonk.com	awakesecurity.com front.optimonk.com cdn.bizible.com
3	cdn.bizible.com	awakesecurity.com cdn.bizible.com
2	track.hubspot.com
2	stats.g.doubleclick.net	cdn.bizible.com
2	www.facebook.com	awakesecurity.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	awakesecurity.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	forms.hsforms.com	cdn.bizible.com
2	www.youtube.com	awakesecurity.com www.youtube.com
2	fonts.googleapis.com	awakesecurity.com js.hsforms.net
1	app.hubspot.com	js.usemessages.com
1	bam.nr-data.net	js-agent.newrelic.com
1	api.hubapi.com	cdn.bizible.com
1	js-agent.newrelic.com	awakesecurity.com
1	app.clearbit.com	cdn.bizible.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	ga.clearbit.com	www.googletagmanager.com
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	analytics.twitter.com	awakesecurity.com
1	t.co	awakesecurity.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	gs-cdn.optimonk.com	front.optimonk.com
1	px4.ads.linkedin.com	awakesecurity.com
1	www.linkedin.com	1 redirects
1	static.ads-twitter.com	awakesecurity.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.bizibly.com	awakesecurity.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	hubspot.clearbit.com	awakesecurity.com
1	www.googletagmanager.com	awakesecurity.com
1	js.hsforms.net	awakesecurity.com
0	img.blindspot.ai Failed	awakesecurity.com
100	46

This site contains links to these domains. Also see Links.

Domain
www.arista.com
github.com
www.crowdstrike.com
twitter.com
www.linkedin.com
www.facebook.com
www.instagram.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
clearbit.com Amazon	`2021-08-27` - `2022-09-25`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2022-05-16` - `2023-06-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-02` - `2022-07-01`	3 months	crt.sh
gs-cdn.optimonk.com R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
clearbitjs.com Amazon	`2022-02-18` - `2023-03-18`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Frame ID: 83CD61BCB3B1B6CE6DAFA393FA0E6703
Requests: 90 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 13A3A3168B47BD1D3083D7ED1B1306FB
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/3455675/threads/utk/0b86c236edd34f268ebfe8b3df3d9aa3?uuid=c6671d2256854832976fa966ef9ab3fc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=awakesecurity.com&inApp53=false&messagesUtk=0b86c236edd34f268ebfe8b3df3d9aa3&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: EFC13DCCEFD3B7271F447F4B8583450E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Catching the White Stork in Flight with Multiple Techniques and Tools.Back ButtonFilter Button

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

100
Requests

97 %
HTTPS

65 %
IPv6

37
Domains

46
Subdomains

40
IPs

4
Countries

1690 kB
Transfer

4649 kB
Size

37
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.arista.com/en/company/news/press-release/11750-pr-20200928
Title: Awake Security is now Arista NDR

Search URL Search Domain Scan URL

URL: https://github.com/cobbr/SharpSploit
Title: SharpSploit

Search URL Search Domain Scan URL

URL: https://github.com/adrecon/ADRecon
Title: ADRecon

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/getting-the-bacon-from-cobalt-strike-beacon/
Title: CrowdStrike

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Catching%20the%20White%20Stork%20in%20Flight&url=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&via=AwakeSecurity
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&title=Catching%20the%20White%20Stork%20in%20Flight&summary=Executive%20Summary%20Arista%E2%80%99s%20Awake%20Labs%20team%20responded%20to%20a%20cybersecurity%20incident%20with%20a%20campaign%20that%20has%20been%20active%20since%20at%20least%20October%202020,%20which%20we%20are%20labeling%20Operation%20White%20Stork.%20This%20campaign%20utilized%20multiple%20techniques%20and%20tools%20including%20Cobalt%20Strike%20Beacon,%20the%20MetaSploit%20Framework,%20Mimikatz,%20SharpSploit%20and%20exfiltration%20using%20rclone.%20Awake%E2%80%99s%20analysis%20showed%20that%20the%20[%E2%80%A6]&source=https://awakesecurity.com/
Title: Share

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/kieran-evans-77632427/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/awake-security
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/AwakeSecurity
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AwakeSecurity/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/awake_security/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/AwakeSecurity
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.arista.com/en/privacy-policy#Cookie_Policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js HTTP 302
https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

Request Chain 51

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116994%26time%3D1656031971303%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fblog%252Fcatching-the-white-stork-in-flight%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQK4SogxD_mP9QAAAYGTMoneMpT9FnmnG3RDNN_dSTR-tIevM2GFWTuHrGzUL7AyHNj39ImH

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
awakesecurity.com/blog/catching-the-white-stork-in-flight/ 116 KB
28 KB 709ms
536ms Document
text/html 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7706f4a08bc313a7add61864f0067b5126f836fd76dd2586f39f19bc8f278a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 72017ba36a0c6993-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 00:52:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://awakesecurity.com/?p=8841>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJCMtrP7cnEUiJ6tybXV3JTFlXV9yXGs3kzCMxmDfOhnWewWYrDzgHppzu0AqAGzRs2g2rPpplXMiy0%2FXPBLQLOQKth3pbsnPOL%2Fe4HXY1xGcy5EzeeLCDyCwrH61dzdrZHH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=300
traceparent: 00-e268f7dcb51240029b0f4e01cb322af4-34aa4a0de029176e-00
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cloud-trace-context: e268f7dcb51240029b0f4e01cb322af4/3794927059468883822;o=0
x-frame-options: deny
x-pantheon-styx-hostname: styx-fe4-a-5bdbff5f88-z4fpg
x-served-by: cache-mdw17366-MDW, cache-hhn4057-HHN
x-styx-req-id: f88c0bdb-f357-11ec-9001-e2939913939f
x-timer: S1656031970.866951,VS0,VE478

GET
H2 200 style.min.css
awakesecurity.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 25ms
23ms Stylesheet
text/css 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489053
x-pantheon-styx-hostname: styx-fe4-b-58789fbcc4-qptmh
x-cache: HIT, HIT
x-cloud-trace-context: 65d193abb01649bdaeb05aa43c70b298/18262826678493696894;o=0
content-encoding: br
x-served-by: cache-mdw17356-MDW, cache-fra19167-FRA
last-modified: Tue, 07 Jun 2022 15:13:29 GMT
server: cloudflare
traceparent: 00-65d193abb01649bdaeb05aa43c70b298-fd72981a7e24d37e-00
x-timer: S1655542917.371933,VS0,VE203
etag: W/"629f6b19-15b26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwDvV0kps8sJax41ZA6xiUZLRcwnfe8Tm2F3InNvtm2v5MF%2FO5XVbaqueANCbDxc5UbH4gxx4n%2FAAkTgStvh%2BhJpwiByEpAKvQpX8ub%2FREifsxzRMlxO5Nk6kbr32e7sFr1a"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 09d1efb3-e676-11ec-88e4-0617dcf2e98a
expires: Thu, 08 Jun 2023 15:25:18 GMT
cache-control: max-age=31622400
cf-ray: 72017ba6dc7f6993-FRA
x-cache-hits: 1, 1

GET
H2 200 awake.css
awakesecurity.com/wp-content/themes/awake19/assets/dist/ 70 KB
13 KB 25ms
23ms Stylesheet
text/css 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34cdaf5ee94e8484cb6ecfd7cdfba2d0078977550770df9dd08d4622507eb69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114695
cf-polished: origSize=91765
x-cache: HIT, HIT
x-cloud-trace-context: ff236db6478e415196dc4fa516b87c93/11733247426584248219;o=0
x-cache-hits: 1, 1
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17344-MDW, cache-fra19153-FRA
last-modified: Wed, 22 Jun 2022 16:22:29 GMT
server: cloudflare
traceparent: 00-ff236db6478e415196dc4fa516b87c93-a2d4de5e7b51ff9b-00
x-timer: S1655917275.324867,VS0,VE2
etag: W/"62b341c5-16675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hq%2FGAarnaQIId7CAQsFGGj1LiQlGHK9tYKlc0X0rY8cER0q2yHFLcqC8Vl%2BogFxSh9qF5ZeKbSbjJ4nnyO9xzyIB9JXDNB93xnh9NCJ2O0xPOd%2FrYJQptxS43CClBpD%2BfDab"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: eef8d1b9-f247-11ec-b29b-f2b73a834884
expires: Fri, 23 Jun 2023 16:25:30 GMT
cache-control: max-age=31622400
cf-ray: 72017ba6dc806993-FRA
x-pantheon-styx-hostname: styx-fe4-b-5fc44d9759-wddcw

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 141ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bcef1961edf3ebfbecb3d54f2dc2ccb3dd0d8539ab61d714244733a22a6dc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:52:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Jun 2022 00:52:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jun 2022 00:52:50 GMT

GET
H2 200 jquery.min.js Show response
awakesecurity.com/wp-includes/js/jquery/ 87 KB
32 KB 27ms
26ms Script
application/x-javascript 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489053
x-pantheon-styx-hostname: styx-fe4-a-7fcd8d8bb9-cfwwp
x-cache: HIT, HIT
x-cloud-trace-context: 6d26e8364e164b02aa8073d3f301186e/9499298887332233095;o=0
content-encoding: br
x-served-by: cache-mdw17343-MDW, cache-hhn4058-HHN
last-modified: Tue, 07 Jun 2022 15:13:30 GMT
server: cloudflare
traceparent: 00-6d26e8364e164b02aa8073d3f301186e-83d44a0232b37f87-00
x-timer: S1655542917.391632,VS0,VE1
etag: W/"629f6b1a-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PbgP2cfmgjfD9YNxTg%2FDKe8XHtEkDYPL9tAgVjLyVHUHX2xFLlaLI3s879NyyFLuAm4tK2qqeOG4L7yBlcnq7dyqClo3L%2BhtipnrsIlR7Dn7GSOF9gY4Cc6VLvRfYJoOXp%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: c8c45720-e6f3-11ec-bd2d-72200f4284df
expires: Fri, 09 Jun 2023 06:25:26 GMT
cache-control: max-age=31622400
cf-ray: 72017ba6dc826993-FRA
x-cache-hits: 1, 1

GET
H2 200 jquery-migrate.min.js Show response
awakesecurity.com/wp-includes/js/jquery/ 11 KB
5 KB 23ms
21ms Script
application/x-javascript 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489053
x-pantheon-styx-hostname: styx-fe4-a-7fcd8d8bb9-8dxst
x-cache: HIT, HIT
x-cloud-trace-context: 485a4df83e474a04a9fdf047bcc81ee6/14260530804343638721;o=0
content-encoding: br
x-served-by: cache-mdw17322-MDW, cache-fra19155-FRA
last-modified: Tue, 07 Jun 2022 15:13:30 GMT
server: cloudflare
traceparent: 00-485a4df83e474a04a9fdf047bcc81ee6-c5e79536056b0ac1-00
x-timer: S1655542917.373302,VS0,VE2
etag: W/"629f6b1a-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV90oFstjF%2FR5YNKMcolNc%2BeGnF7tL0%2Fh93HMxHZNQ8LhUdTGTsTiWvxaI9CkIU7p6aEoL%2BFiJpl9qAq3S4JPzynYlF17RqVuj951MHNGDKKuNboLeAj8JMZsk%2B0bgBG55g7"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 09fde1c1-e676-11ec-ac3f-9a62f0170b10
expires: Thu, 08 Jun 2023 15:25:18 GMT
cache-control: max-age=31622400
cf-ray: 72017ba6dc846993-FRA
x-cache-hits: 47, 1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 52ms
22ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jaQOgzI9+ZkWZRPB/GIusQ==
age: 3743
vary: Accept-Encoding
content-length: 6921
x-ms-lease-status: unlocked
last-modified: Thu, 23 Jun 2022 19:31:19 GMT
server: cloudflare
etag: 0x8DA554EF27EF180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8d83958-801e-0143-7855-87b45a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72017ba709d49be9-FRA

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 49ms
6ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 65dad26d197878fdddaaa0ab1990b6a0bc7f6853c6db2af3e1970ba6c2f5b2a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:11:07 GMT
server: ECS (frb/67D4)
age: 13080
etag: "5610d26dfc80d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H2 200 gray-blade-l.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 2 KB
1 KB 23ms
22ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/gray-blade-l.svg?t=1655914949

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59724cd88aeb9ed1579086352c4eefc048cdc7207c3dbf8c450ac1030cc57d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104723
x-pantheon-styx-hostname: styx-fe4-a-5bdbff5f88-z4fpg
x-cache: HIT, HIT
x-cloud-trace-context: 9230a267221b46d69b2eb2c2ae98e8b3/16014117247941341265;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17353-MDW, cache-fra19136-FRA
last-modified: Mon, 20 Jun 2022 16:26:53 GMT
server: cloudflare
traceparent: 00-9230a267221b46d69b2eb2c2ae98e8b3-de3d92ca62fff051-00
x-timer: S1655927247.425474,VS0,VE5
etag: W/"62b09fcd-627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFc7hXEt3Oc91CKrA9y7uZFxiTmTdiQZJBOegK%2Fs1Ec8HvYky%2BODCB9Mes9HaFPffT75j8dhsRrvuvLOjMX%2FoP6cei1QJW8KXP91Iyh3wYXtYYkuL0risLRXaThSls8wxbLs"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 23 Jun 2023 16:25:31 GMT
cache-control: max-age=31622400
cf-ray: 72017ba7cd4f6993-FRA
x-styx-req-id: ef2b0f6e-f247-11ec-9001-e2939913939f
x-cache-hits: 1, 3

GET
H2 200 gray-blade-r.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 2 KB
1 KB 34ms
33ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/gray-blade-r.svg?t=1655914949

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a66b75a0605cde41e287281ecb1232c00ebb98371a0c52b6067d2a5d1fbef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-5fc44d9759-2jqhr
x-cache: HIT, HIT
x-cloud-trace-context: b5507844ff724fc892a34193d4e24360/18390228743449417453;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17347-MDW, cache-hhn4075-HHN
last-modified: Mon, 20 Jun 2022 16:26:53 GMT
server: cloudflare
traceparent: 00-b5507844ff724fc892a34193d4e24360-ff37379b477b16ed-00
x-timer: S1656031971.544668,VS0,VE1
etag: W/"62b09fcd-615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq96A16Uo7v%2FA3%2FjTp0gev8CBIVzdQcf%2FwRFqNuH2yDOtH2moOyp5qwwpwZz6zfd7wMELnaRtLEqEPua9H%2FSB%2FjhNq%2BH%2BOt2a9KVtLmmcI%2F4YuIEo2yhHNh9Zoje%2FwYNC%2B6S"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 23 Jun 2023 16:25:31 GMT
cache-control: max-age=31622400
cf-ray: 72017ba7cd506993-FRA
x-styx-req-id: ef2cdd5a-f247-11ec-85f7-7609ffe5705e
x-cache-hits: 1, 1

GET
H2 200 awake-white.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 12 KB
5 KB 24ms
24ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/awake-white.svg?t=1655914949?v2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d088bee0f421a9d84586b4e47c7b43b179d44377f656af2e6e4021d7baceb726

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104723
x-pantheon-styx-hostname: styx-fe4-a-5bdbff5f88-whndr
x-cache: HIT, HIT
x-cloud-trace-context: ef81e2b3320347bcb031676936c60582/5067548791570609095;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17340-MDW, cache-fra19129-FRA
last-modified: Wed, 22 Jun 2022 16:22:29 GMT
server: cloudflare
traceparent: 00-ef81e2b3320347bcb031676936c60582-46538cc6e386b3c7-00
x-timer: S1655927247.130385,VS0,VE237
etag: W/"62b341c5-2f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YMrkD0rZkI3DZw2uj5PXA7eJNM%2BIF86ek%2FC6N%2FeU12hPcgOpssQ1U3azBpKdhrIXnuuYUmRut%2FUyG7IkU2eu1DjBQGBgRexrgrogC8xUE%2Bkv1EwCCo6Iirz6OOOtL0qYuOF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Fri, 23 Jun 2023 16:25:31 GMT
cache-control: max-age=31622400
cf-ray: 72017ba7cd516993-FRA
x-styx-req-id: ef2adbb9-f247-11ec-82fe-1a9caddc54ba
x-cache-hits: 1, 1

GET
H2 200 gtm4wp-form-move-tracker.js Show response
awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
847 B 23ms
23ms Script
application/x-javascript 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.15.2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1542137a20a23276ec5664c54bb99113c42280bf1f699d035e6d12f2381c156

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489053
cf-polished: origSize=1449
x-cache: HIT, HIT
x-cloud-trace-context: 8459197312cb455a8df37024a3baa833/10592821318545020833;o=0
x-cache-hits: 1, 1
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17326-MDW, cache-hhn4026-HHN
last-modified: Tue, 07 Jun 2022 15:13:28 GMT
server: cloudflare
traceparent: 00-8459197312cb455a8df37024a3baa833-930142ddb50f97a1-00
x-timer: S1655542918.616277,VS0,VE2
etag: W/"629f6b18-5a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWOw5WLv2YsV1gLz8mibUF5ANgeaReOIm%2FCIb6nUyARTvJumHyt6EKoRQgRqKS1P%2BH3qVNKF1wqhHXBRNyL%2BZln8My2gNbDW8Zw6weShW8HfrTfbBbJNZk%2FrUp0%2BzdYMYN6s"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 0a0d11f6-e676-11ec-b8f3-8a534164f345
expires: Thu, 08 Jun 2023 15:25:19 GMT
cache-control: max-age=31622400
cf-ray: 72017ba72ccb6993-FRA
x-pantheon-styx-hostname: styx-fe4-b-58789fbcc4-mgnd8

GET
H2 200 gtm4wp-youtube.js Show response
awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 6 KB
2 KB 26ms
26ms Script
application/x-javascript 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.15.2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c25a34debe806536107459576591bbecd97abe950d97ea98eb7da8124fefb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489053
cf-polished: origSize=7311
x-cache: HIT, HIT
x-cloud-trace-context: a540e44473ce4c408f7aa59b72752558/9933569853893518779;o=0
x-cache-hits: 1, 1
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17332-MDW, cache-fra19121-FRA
last-modified: Tue, 07 Jun 2022 15:13:29 GMT
server: cloudflare
traceparent: 00-a540e44473ce4c408f7aa59b72752558-89db2126dcda25bb-00
x-timer: S1655542918.650918,VS0,VE2
etag: W/"629f6b19-1c8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXpPKJmdbJaRg2fruGdQbrXm51iNcVoYlELzdieLsq%2FEB6x4v7%2BbU6xqML1x8Oho2ZRceEVVHmlQHq%2BUypj2%2FNDyM1%2BPlq6WQUjP3zBczEecLXnBaK%2B8S8HWBLzbZNtW%2BOiu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 0a24a1f9-e676-11ec-8a89-02627fd8719d
expires: Thu, 08 Jun 2023 15:25:19 GMT
cache-control: max-age=31622400
cf-ray: 72017ba75cec6993-FRA
x-pantheon-styx-hostname: styx-fe4-b-58789fbcc4-v4mbd

GET
H2 200 awake.js Show response
awakesecurity.com/wp-content/themes/awake19/assets/dist/ 160 KB
46 KB 26ms
26ms Script
application/x-javascript 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.js?t=1655914949&ver=6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d435074da875ff2017a093ab23d347cc660690697ff068f9eaadec22eae8a0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114695
cf-polished: origSize=166300
x-cache: HIT, HIT
x-cloud-trace-context: e3750b6ab8c0473a875c349b2b7e270f/1245833877171160083;o=0
x-cache-hits: 1, 1
cf-bgj: minify
content-encoding: br
x-served-by: cache-mdw17373-MDW, cache-fra19139-FRA
last-modified: Wed, 22 Jun 2022 16:22:29 GMT
server: cloudflare
traceparent: 00-e3750b6ab8c0473a875c349b2b7e270f-114a174f81ef4413-00
x-timer: S1655917275.438112,VS0,VE3
etag: W/"62b341c5-2899c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24kkZvyGflBcQ7HI2kJRSBKIM3MPhqPjVBmwX0kXVuf5%2F%2FoxcfjCEa8kKil7SzymKfyfooR9T%2FX%2FYNfNAyVJL%2F19M9FWzcGpdqDFgNV8Wv0NoBphy9hxjiOYU%2F5n2NCK%2FCT8"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: ef096999-f247-11ec-82fe-1a9caddc54ba
expires: Fri, 23 Jun 2023 16:25:30 GMT
cache-control: max-age=31622400
cf-ray: 72017ba77d136993-FRA
x-pantheon-styx-hostname: styx-fe4-a-5bdbff5f88-whndr

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 533ms
491ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js?ver=6.0

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e0.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jun 2022 02:51:01 UTC
server: cloudflare
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6986iipXKFvwUSJ9db7HkpeXFWQLHsKesH7WeAOkTbFZ7Gokqda%2BLuwg1PvtbkPywTmKdC%2F0VWUYiWorezuKSHqYjBHMOc4pGsn%2FKIbHS6tNacBV%2BkEMq%2FfJ0k9%2BxCPnY%2Fns01XFH9q%2BETB8"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6vyCWacfN9CPqy_wPW84vx64jCxte7kG
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
cf-ray: 72017ba7fb5f915f-FRA
x-amz-cf-id: kD3ssIVHvatY5IMn0aIc2cH3bO-DTbFILfaQPSE36DeqF6CeHzjcPQ==
x-hs-target-asset: FormsNext/static-5.508/bundles/project_with_deps.js

GET
H2 200 6878499a-f407-49ea-a73e-544784ae21ce.json Show response
cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/ 4 KB
2 KB 46ms
31ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/6878499a-f407-49ea-a73e-544784ae21ce.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90469a738b4941f67801263e205d61d2ee8edb6c5eea447cf31220a98277c83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BaepRPVfzJAZRiJRbve4hA==
vary: Accept-Encoding
content-length: 1566
x-ms-lease-status: unlocked
last-modified: Mon, 23 May 2022 21:13:43 GMT
server: cloudflare
etag: 0x8DA3D011DE55151
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ceefd167-c01e-00c8-17ea-6e49d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72017ba7df87bb67-FRA
expires: Fri, 24 Jun 2022 04:52:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
68 KB 593ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11550138417998decd4f6e7f7c80ab94e1e11341e98ef4a69826565a19786b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68830
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 00:52:51 GMT

GET
H2 200 cta-link-arrowhead-white.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 202 B
703 B 22ms
21ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/cta-link-arrowhead-white.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faca2a40969659b6bd6588bf951d7a1e95b60130c3b3906bf64f9c3f23d1267f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 203121
x-pantheon-styx-hostname: styx-fe4-a-5bdbff5f88-692hm
x-cache: HIT, HIT
x-cloud-trace-context: ff41b1396b354664a40bbbab11bac3af/5750005277850399019;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17379-MDW, cache-hhn4074-HHN
last-modified: Mon, 20 Jun 2022 16:26:52 GMT
server: cloudflare
traceparent: 00-ff41b1396b354664a40bbbab11bac3af-4fcc1f55dae4f12b-00
x-timer: S1655828849.436424,VS0,VE2
etag: W/"62b09fcc-ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJb%2F2AELH%2FGXkVDbQ4FASWpRWGvFab7ffiUJz9bqDGE4%2FjyAYNkxpIRmKmPjELW1ERmF9zA8sxAvbzXymzMgm8wWIVnlD6UqDNg%2B6o7R4DY7zlH7LcH1dqRLAXJ0wqTN2C7i"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Wed, 21 Jun 2023 17:22:18 GMT
cache-control: max-age=31622400
cf-ray: 72017ba7cd526993-FRA
x-styx-req-id: 895a3a16-f0bd-11ec-8ce0-1ed14f1af6ec
x-cache-hits: 1, 1

GET
H2 200 awake-blue.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 14 KB
5 KB 22ms
22ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/awake-blue.svg?v2

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad7be1450b1857107cbdaf03fd3e1c23c864d10c3c5c842454fdefc6f2ee58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574431
x-pantheon-styx-hostname: styx-fe4-b-58789fbcc4-blgb5
x-cache: HIT, HIT
x-cloud-trace-context: 42cf91819a3f4c3ab532c4c30211b266/3734512465339125468;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17361-MDW, cache-hhn4026-HHN
last-modified: Tue, 07 Jun 2022 15:13:29 GMT
server: cloudflare
traceparent: 00-42cf91819a3f4c3ab532c4c30211b266-33d3a74d09ce8edc-00
x-timer: S1655457539.025743,VS0,VE2
etag: W/"629f6b19-36cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjR4pKWIq4mJ0jNM%2BPnJkFvHp8d9y1Cz3qxG1OFa52C2pJrsQRBDoXggJyo6Y7Gnvv7ZXj29aIOigVcGph8Sbb2IVhlVrppaj1yV%2FuMoS1Z%2FsZSK21T2tV2oS43th%2F3GPJb8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 08 Jun 2023 15:25:20 GMT
cache-control: max-age=31622400
cf-ray: 72017ba7cd546993-FRA
x-styx-req-id: 0abbee25-e676-11ec-a0de-02e4697ddb76
x-cache-hits: 1, 1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
31 KB 572ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 200746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:07:05 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 576ms
56ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js?ver=1.15.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32aa45ae6d18a04cf5985a3ff0149460e7c7145fef07dd2df08cf9c6c29336c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 24 Jun 2022 00:52:51 GMT

GET
H2 200 forms.js Show response
hubspot.clearbit.com/v1/forms/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 4 KB
5 KB 715ms
207ms Script
application/javascript 18.169.82.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hubspot.clearbit.com/v1/forms/pk_eb94a3b23abc2d3ed2b6bf58e9046752/forms.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.82.163 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-82-163.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

33de01f1dce7eee5b5ea44986000f20ac585c04d34a29cd2b7f4791021455fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
server: envoy
content-length: 4355
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8

GET
H2 200 cta-link-arrowhead.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/ 204 B
704 B 21ms
21ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/cta-link-arrowhead.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

827ad877bc995d3249dc37ce07b933b5783ee4a2cabf7ca9d6636b6e759ec50b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574426
x-pantheon-styx-hostname: styx-fe4-a-7fcd8d8bb9-hl8gj
x-cache: HIT, HIT
x-cloud-trace-context: 84fb74b359284c6ea9deeaae113b7002/656074101147499495;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17333-MDW, cache-fra19145-FRA
last-modified: Tue, 07 Jun 2022 15:13:29 GMT
server: cloudflare
traceparent: 00-84fb74b359284c6ea9deeaae113b7002-091ad7eb413afbe7-00
x-timer: S1655457545.940452,VS0,VE2
etag: W/"629f6b19-cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAiG7faSxImgj38dg%2B6ECG12EP%2Fg1bsKnmDA0R3ZWIAsXdz5VqAOnAc%2FvWxSt8Kx1molkErFUnFxLiR%2Bd1mJsoZCzhHXl5%2BDixRyESyEnWyDpp7%2B7stsEosy7Y%2BnWmf9MkMN"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 08 Jun 2023 15:25:22 GMT
cache-control: max-age=31622400
cf-ray: 72017ba80d806993-FRA
x-styx-req-id: 0bdc6af9-e676-11ec-9a35-d235d1cc65db
x-cache-hits: 1, 1

GET
H2 200 OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2
fonts.gstatic.com/s/quattrocento/v17/ 35 KB
35 KB 592ms
92ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocento/v17/OZpbg_xvsDZQL_LKIF7q4jP_eE3vcKnY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e232623c90033b45c4ca98c53ff6b4b5b6c54b1c2da2f05a3a1a7e68e2ca8f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:20:44 GMT
x-content-type-options: nosniff
age: 102727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35952
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:20:44 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq_p9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v24/ 13 KB
13 KB 580ms
80ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq_p9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47ea5256bfc4bb763ac4c6ee485c593f5647d6518a2bd77310d0290b09ff5155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:46:45 GMT
x-content-type-options: nosniff
age: 198366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12932
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:46:45 GMT

GET
H2 200 OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2
fonts.gstatic.com/s/quattrocento/v17/ 35 KB
35 KB 600ms
118ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C600%7CQuattrocento%3A400%2C700&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:27:37 GMT
x-content-type-options: nosniff
age: 102314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35872
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:27:37 GMT

GET
H2 200 operation-white-stork-incident-response-timeline.png
awakesecurity.com/wp-content/uploads/2021/05/ 52 KB
52 KB 136ms
135ms Image
image/png 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/operation-white-stork-incident-response-timeline.png

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25a07abea29fb732abbcadbc34d98aff95a4629359c7201e5fe265a41f8a419

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-5fc44d9759-blr67
x-cache: HIT, MISS
x-cloud-trace-context: e75a69c1c4b542a29c4fda22ab3c942f/15921650752387780937;o=0
strict-transport-security: max-age=300
content-length: 52986
x-served-by: cache-mdw17349-MDW, cache-fra19161-FRA
last-modified: Thu, 13 May 2021 21:44:54 GMT
server: cloudflare
traceparent: 00-e75a69c1c4b542a29c4fda22ab3c942f-dcf51100b5e79149-00
x-timer: S1656031971.619923,VS0,VE105
etag: "609d9dd6-cefa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i77Hzjq32qHOlrPL0H1mOXL4BiBtFII81Bf05kauzxZ1dxPufNshCevgX7QNJBjy2pj0V5SQ5cRtpMBsT8L9umLMD8pkU40RtYvCHjYg%2BtZG938iddIoZ84L%2BB5C8UCTUKqc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: c8cfa863-ebd1-11ec-942b-ee0a4d1dedfa
expires: Thu, 15 Jun 2023 11:04:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 72017ba84dac6993-FRA
x-cache-hits: 1, 0

GET
H2 200 word-image-23.jpeg
awakesecurity.com/wp-content/uploads/2021/05/ 124 KB
125 KB 140ms
140ms Image
image/jpeg 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/word-image-23.jpeg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef000116a095a861514ad5de78a59ffd3fea4733bee92e71aacfbb36577001de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-5fc44d9759-vxc6r
x-cache: MISS, MISS
x-cloud-trace-context: bfeb24c9b8d64d75afc259526cc977e8/9271313078054886202;o=0
strict-transport-security: max-age=300
content-length: 127303
x-served-by: cache-mdw17332-MDW, cache-hhn4078-HHN
last-modified: Thu, 13 May 2021 11:12:11 GMT
server: cloudflare
traceparent: 00-bfeb24c9b8d64d75afc259526cc977e8-80aa521f7ae51b3a-00
x-timer: S1656031971.623225,VS0,VE106
etag: "609d098b-1f147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFYzLoS2KQlBusO1iYsF865612aOE%2BTYfRZQbSnoWmbSEJYhSZIYMPCyWGayrAYX4z2vBpsi2bQ5xh5Kd3Ic93RMZKchdJVrtZZbonyVKKF3bseJtfOvMEzfAr6Y8beSLFvI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: ca2a36b5-ebd1-11ec-9cec-5e0858803987
expires: Thu, 15 Jun 2023 11:04:41 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 72017ba84daf6993-FRA
x-cache-hits: 0, 0

GET
H2 200 word-image-24.jpeg
awakesecurity.com/wp-content/uploads/2021/05/ 126 KB
127 KB 447ms
447ms Image
image/jpeg 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/uploads/2021/05/word-image-24.jpeg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1547a5df4d7720dfbf9fceaac844032e843742b2a471435775e0739409361736

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-a-5bdbff5f88-twv9g
x-cache: HIT, MISS
x-cloud-trace-context: dce63bb9d7b0442b96662146d5f78a85/14688667816086058492;o=0
strict-transport-security: max-age=300
content-length: 129271
x-served-by: cache-mdw17364-MDW, cache-hhn4050-HHN
last-modified: Thu, 13 May 2021 11:12:18 GMT
server: cloudflare
traceparent: 00-dce63bb9d7b0442b96662146d5f78a85-cbd8a18e0985b5fc-00
x-timer: S1656031971.622923,VS0,VE412
etag: "609d0992-1f8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3bhTZQxeuymLETRqASuTHjWFwziNz4c91oD4pW%2Bi5lfQcxxuzEYO7LcieLXporMpEVW6vFHKtBzcDIdOj7f20iTGglyB9KOGdAivUg%2FPBApeeqrtEVU7yKt3Sr12SG%2BSQZQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-styx-req-id: ca382087-ebd1-11ec-a4c9-964019a1f2a1
expires: Thu, 15 Jun 2023 11:04:41 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 72017ba84db06993-FRA
x-cache-hits: 1, 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 474ms
25ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 72017bab2ba96939-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 1475
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84b3820c-c01e-0129-6edf-11e8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72017bab6d399be9-FRA

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
326 B 7ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=f6f12ef1ab44446d9a070bce216fc91b&_biz_s=1e3a48&_biz_l=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&_biz_t=1656031970619&_biz_i=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&_biz_n=0&rnd=218417&cdn_o=a&_biz_z=1656031971099
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6739) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
last-modified: Thu, 23 Jun 2022 01:07:02 GMT
server: ECS (frb/6739)
age: 85549
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
202 B 18ms
7ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=f6f12ef1ab44446d9a070bce216fc91b&_biz_s=1e3a48&_biz_l=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&_biz_t=1656031971101&_biz_i=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&rnd=525067&cdn_o=a&_biz_z=1656031971101
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
last-modified: Thu, 23 Jun 2022 23:58:13 GMT
server: ECS (frb/67C2)
age: 3278
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/ Frame 0
0 168ms
120ms Preflight
text/plain 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://awakesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://awakesecurity.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 72017babcf489064-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 24 Jun 2022 00:52:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: e5f07989-a2d5-4197-97ff-aba18c8c79f4
x-robots-tag: none
x-trace: 2BCA25D3532EB9B5D4A4D13CFC3DB08C2BAE17846C000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/ 11 KB
4 KB 168ms
149ms XHR
application/json 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3455675/552bf00a-3b99-46d5-ab7b-f3e36e880305/json?hutk=

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dabe26818e76d60561bf599c30593ebec66e9fd0297faf4dddb13cd3d4c2faba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://awakesecurity.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 74007a39-47fc-4277-8a2e-6908c4de0039
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B78227387150D97F9AF4CBC81A67754EFD3B47504000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 72017bacaf4e90c1-FRA
access-control-allow-headers: *

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
524 B 122ms
121ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=f6f12ef1ab44446d9a070bce216fc91b&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.05.27
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 519e0c50f2b1b22277fd03b87848839335c8b4b3537f60c0e5ca477f39a1912b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:50 GMT
content-encoding: gzip
server: ECS (frb/6711)
etag: 8F6A7AA8
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 216

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/9017ba60/www-widgetapi.vflset/ 155 KB
51 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9017ba60/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 16:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51402
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 00:18:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Jun 2023 16:16:30 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/d9b7fdda-5ec5-4ee3-8cb3-a9513f87665f/ 67 KB
14 KB 44ms
44ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6878499a-f407-49ea-a73e-544784ae21ce/d9b7fdda-5ec5-4ee3-8cb3-a9513f87665f/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a5caa879ade5381c20eb49f351525d8408d906030e689fe76fdbfad93faa071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 52hbAkkmFa5AE3jyHWgy5w==
vary: Accept-Encoding
content-length: 14530
x-ms-lease-status: unlocked
last-modified: Mon, 23 May 2022 21:13:50 GMT
server: cloudflare
etag: 0x8DA3D0122168023
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d1e0bae7-501e-0105-42ea-6e6acc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72017babaa5dbb67-FRA
expires: Fri, 24 Jun 2022 04:52:51 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 127ms
57ms Script
application/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-NDH7TG4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f92c14a096fcafd269c97b69a1288b2719a6c2df4256f9da1f09c51edaf488e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38769
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 00:52:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 96ms
29ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6482
date: Thu, 23 Jun 2022 23:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 01:04:49 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 38ms
8ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 00:52:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=36573
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 132ms
42ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 15252473734373555178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jun 2022 00:52:51 GMT

GET
H2 200 3455675.js Show response
js.hs-scripts.com/ 2 KB
981 B 450ms
418ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3455675.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b97e918443f00f535336cbe78108c1be5b459bca4551e70b8d4a6653c1a817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 2f95bdcf-62e9-43db-8ca3-851b5f0aebd6
last-modified: Thu, 23 Jun 2022 11:22:52 GMT
server: cloudflare
x-trace: 2BEC5FECB33A79FE23B0938CB4B40BBA4C5245123F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 72017bac8e769b69-FRA
expires: Fri, 24 Jun 2022 00:53:51 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/37807/js/ 3 KB
2 KB 39ms
17ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/37807/js/preload.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

17a4a28b3f106f2566d17c04eef8d69afbcf8d966124a01b2e2915b7bcdc609b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"d6e-cKQYQ6BqrlUhZ08VqYk4Pll1bT8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 163ms
12ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000060-IAD, cache-muc13976-MUC

GET
H2

200

tags.js Show response
x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/
Redirect Chain

https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js
https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

1 KB
717 B

204ms
204ms

Script
application/javascript

18.169.62.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Server

18.169.62.151 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-62-151.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

0db688117e0d7cfc231d48c350f2617d8d03467de91ac533d176bec3b5fbac1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
etag: W/"42161b72d30b13567979a647fd4677ca"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
strict-transport-security: max-age=63072000; includeSubDomains; preload

Redirect headers

location: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tags.js?reveal=false&reveal_async=false&tracking=true&tracking_auto_page_events=false&tracking_cookies=true&tracking_legacy=true
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
server: envoy
content-length: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html;charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: aAdYjyG6USle7/K72VJShFYzMsKlIc7oXQNkQ8tQvokunHrC/9X+5OeE6sbWcLk34lq4YBqbRbLLWehapemBRA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 24 Jun 2022 00:52:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET dot.png
img.blindspot.ai/ 0
0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 13 KB
3 KB 40ms
39ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6kn6x4Mq//asafVxYG5LSA==
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:28 GMT
server: cloudflare
etag: 0x8D983BB627AC080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 289db995-201e-000e-7e1a-4834ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72017bac6aedbb67-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/ 46 KB
12 KB 28ms
28ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: x/n5vYdkes7sKCqU8TquDQ==
vary: Accept-Encoding
content-length: 11861
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:30 GMT
server: cloudflare
etag: 0x8D983BB63F26533
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b85bf4e8-801e-0080-20a1-247b4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72017bac6aeebb67-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 32ms
31ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e0d36acb-f01e-0103-2b7c-519db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 72017bac6af0bb67-FRA

GET
H2 200 preload-base.js Show response
front.optimonk.com/ 50 KB
16 KB 11ms
11ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.js?v=5493e6adca

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/37807/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0e809ee0a59017ff9205bb5c568c8f30a4aa01b4756eb68fbbe4812d9c700134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"c9c2-/rgfJz3Th002lxMTj1td3CR3JVw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D116994%26time%3D1656031971303%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQK4SogxD_mP9QAAA...

0
263 B

208ms
182ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQK4SogxD_mP9QAAAYGTMoneMpT9FnmnG3RDNN_dSTR-tIevM2GFWTuHrGzUL7AyHNj39ImH
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 53E1D15C47A84C7AA4D96711B0B203E1 Ref B: FRAEDGE1308 Ref C: 2022-06-24T00:52:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiJv1tlgrMqVgth5SB4A==
x-li-fabric: prod-lor1

Redirect headers

date: Fri, 24 Jun 2022 00:52:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C8C58C46B6B6408F94D0741F8875397E Ref B: FRAEDGE1212 Ref C: 2022-06-24T00:52:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=116994&time=1656031971303&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&liSync=true&e_ipv6=AQK4SogxD_mP9QAAAYGTMoneMpT9FnmnG3RDNN_dSTR-tIevM2GFWTuHrGzUL7AyHNj39ImH
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXiJv1qSPM4/EEwuxFvCw==

GET
H3 200 524739641515499 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 64ms
55ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/524739641515499?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39a56ba98bb3f08df687cd1282b384955912a2ab885d2d8c62cb28bb03fdb794

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: TDmXkzN9VV5aVbgnx3IavF6JV4Rvk0zT3iDSy1LMlHiW2wtKEKuWB6Al7/uUZz0zE3QX6Do+joordQAgriZU4g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 00:52:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656031971370
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 95 KB
32 KB 53ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=5493e6adca
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycdvzcXWeG7eagFXoz5rJ5QaIUDE0nG6Vh6DyBHV0gEyJaoZ_Ec7fwd2ikZzPf7-rtRrTIqcvyM2hGexPDPfBJiy-Va3KMj3F
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 06/23/2022 11:30:52
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 23 Jun 2022 11:01:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"0d51daede184576e937e1d8135d6e64d"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=KnNijw==, md5=DVHa7eGEV26Tfh2BNdbmTQ==
x-goog-generation: 1655982116491970
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 97067
cdn-requestid: 9e283cf7a2e81229edd9f78ce1837712
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 load Show response
front.optimonk.com/public/37807/js/ 0
347 B 28ms
14ms XHR
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/37807/js/load

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842977571/ 2 KB
2 KB 142ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842977571/?random=1656031971390&cv=9&fst=1656031971390&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3c38539a76677751814ea74a03af1fabe27ad006daefe70b50f3d3ea23397ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 97ms
36ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=587644529&t=pageview&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=119942246&gjid=745656336&cid=108738202.1656031971&tid=UA-106883604-1&_gid=497360515.1656031971&_r=1&gtm=2wg6m05XLMPQR&z=661018920

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 31ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524739641515499&ev=PageView&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&rl=&if=false&ts=1656031971442&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656031971441.1856311682&it=1656031971309&coo=false&exp=p0&rqm=GET

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 24 Jun 2022 00:52:51 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 135ms
113ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=7e6893e9-ab28-41e6-9272-0e6bcd27a7f0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=09f15ec2-60c9-4834-95cf-88de1eb2d6f4&tw_document_href=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1ivb&type=javascript&version=2.4.12

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 24 Jun 2022 00:52:51 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 95fc94313340c365ec512b400257e3ec4dd9c23bbf9371ad5cc4cd6b2bc2736f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 151ms
117ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7e6893e9-ab28-41e6-9272-0e6bcd27a7f0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=09f15ec2-60c9-4834-95cf-88de1eb2d6f4&tw_document_href=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1ivb&type=javascript&version=2.4.12

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 24 Jun 2022 00:52:50 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 8d4e938e637df84fdd65be7da99b264e26ee9551386ae1980259ec8f555f2779
content-length: 43

GET
H3 200 css
fonts.googleapis.com/ 2 KB
528 B 126ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js?ver=6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f9667f65fc5b852ce86f4f3b6df2b7775925fa0b582ce45ec6a181a9cd19c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 00:38:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 24 Jun 2022 00:52:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jun 2022 00:52:51 GMT

GET
H2 200 email.svg
awakesecurity.com/wp-content/themes/awake19/assets/img/hubspot-icons/ 584 B
1017 B 22ms
22ms Image
image/svg+xml 104.26.15.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awakesecurity.com/wp-content/themes/awake19/assets/img/hubspot-icons/email.svg

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.86 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d6781923c1121af3b28d0a2d3c9749620616109cc7a1093901ca62dbf6ee53

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/wp-content/themes/awake19/assets/dist/awake.css?t=1655914949&ver=6.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 655462
x-pantheon-styx-hostname: styx-fe4-b-58789fbcc4-h4k7x
x-cache: HIT, HIT
x-cloud-trace-context: 9d5c8ad14e0e428c9104609af30920ee/15650753591348128745;o=0
strict-transport-security: max-age=300
content-encoding: br
x-served-by: cache-mdw17343-MDW, cache-hhn4078-HHN
last-modified: Tue, 07 Jun 2022 15:13:29 GMT
server: cloudflare
traceparent: 00-9d5c8ad14e0e428c9104609af30920ee-d932a57857796be9-00
x-timer: S1655376510.723744,VS0,VE2
etag: W/"629f6b19-248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhOoEdi2FM0fnsPJMGEa%2ByfvdeYWtvTBHl%2BPdPXMp7HIs6B9jTO8ZhtRAyk%2BQpBE84DCwseXd49LkoSIwzza5zPftrrDMAGsY1e3yh8hDVwRIDH6oVAb4y0AyXMu1mAdnwR2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 08 Jun 2023 15:25:22 GMT
cache-control: max-age=31622400
cf-ray: 72017badb99e6993-FRA
x-styx-req-id: 0bf856c1-e676-11ec-9293-96e2525c59a6
x-cache-hits: 1, 1

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 243ms
155ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Jun 2022 00:52:51 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106883604-1&cid=108738202.1656031971&jid=119942246&gjid=745656336&_gid=497360515.1656031971&_u=aEBAAEAAQAAAAC~&z=1212930502

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 00:52:51 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/842977571/ 42 B
154 B 138ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842977571/?random=1656031971390&cv=9&fst=1656028800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&async=1&fmt=3&is_vtc=1&random=4002958562&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/842977571/ 42 B
548 B 140ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842977571/?random=1656031971390&cv=9&fst=1656028800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&tiba=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&async=1&fmt=3&is_vtc=1&random=4002958562&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 81ms
49ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=108738202.1656031971&jid=119942246&_u=aEBAAEAAQAAAAC~&z=626800259

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 86ms
50ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=108738202.1656031971&jid=119942246&_u=aEBAAEAAQAAAAC~&z=626800259

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
12 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://awakesecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:08:28 GMT
x-content-type-options: nosniff
age: 200663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:08:28 GMT

GET
H2 200 ga.js Show response
ga.clearbit.com/v1/ 7 KB
3 KB 226ms
209ms Script
application/javascript 18.169.82.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.clearbit.com/v1/ga.js?authorization=pk_eb94a3b23abc2d3ed2b6bf58e9046752

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XLMPQR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.82.163 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-82-163.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

d4011e6e37410bd18734c9f0ee78a4c463d866595008d68408cd8eab607d74c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
x-api-version: 2019-12-19
vary: Accept-Encoding
x-account-id: 85746c66-8dc1-4570-a5f6-b04cdecd3885
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8

GET
H2 200 3455675.js Show response
js.hs-analytics.net/analytics/1656031800000/ 62 KB
20 KB 571ms
551ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1656031800000/3455675.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0c55f3605f88a12da5eeed64499b5ad2c5f7bd544e548a5bfda0ffe6487fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: CP8TM3X7EWWFC7S4
x-amz-server-side-encryption: AES256
cf-ray: 72017baf4e61698f-FRA
x-amz-id-2: 9om2nxEwddz2mx8EYpe+1UQBnhAjP3iPzQHJuLfRbSrD0LQHu1hZB/4tQ7BZcLbIkGWJuQyxVMI=
last-modified: Tue, 14 Jun 2022 15:11:07 GMT
server: cloudflare
etag: W/"f434b9a171cb1d222f26ff29b6f88f24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 24 Jun 2022 00:57:52 GMT

GET
H2 200 3455675.js Show response
js.hs-banner.com/ 59 KB
16 KB 414ms
394ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3455675.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014dd9e48cc1bfdd8e7567da834676644343f66505e38f8647f1d8bd866fece2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 9MR2MYT3VH8N7N6D
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 7ngKDirGyPRxHRlUqrnCt8/bTYqtez60voMS9fNOLAxR0BDRO7mfdYeHMpemDvjdWyauemBXl3M=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 15:44:35 GMT
server: cloudflare
etag: W/"ba19aec600cd15de221576bf0aeaa3e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: gyQtiK7Fvhu2KW5PowfvGrZojIYL4Isg
access-control-allow-origin: https://awakesecurity.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 72017baf491e5c7a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 24 Jun 2022 00:57:52 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 72 KB
21 KB 65ms
26ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626578.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 536
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10231/bundles/project.js&cfRay=72016e953e64bb9e-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 13 Jun 2022 04:26:28 UTC
server: cloudflare
etag: W/"d0b8bb93285841cdfb13313435e2d467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vc1SRxdlKcOgNfVcksJ2KUyWlsnYWj5h
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 72017baf6eb2bb77-FRA
x-amz-cf-id: JoL1elWGIOVHWzrozOq5zR3GezZJyxO0dDln6egp9zY1C60YqhnvGA==
x-hs-target-asset: conversations-embed/static-1.10231/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 32ms
13ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3455675.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67bde44785ec5cd4a52b80ea9f11e1e0c3ba5341f57000e55e1003705f231cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
via: 1.1 cea67f5ca1b497624430e599aa6b7c62.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 143
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.283/bundles/pixels-release.js&cfRay=7201782f3e575b6e-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 23 Jun 2022 03:19:05 UTC
server: cloudflare
etag: W/"6cb7b14623fc6fff69528b7c98e33bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: wsSp05Vslq9sKHmIlNZGOnuq9CMghpzX
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 72017baf4f126955-FRA
x-amz-cf-id: 6MdmYxT0FSVSQzb_lyI1qV09vH7gnnsjA6pmK9GQGuNx9spR2BKLbA==
x-hs-target-asset: adsscriptloaderstatic/static-1.283/bundles/pixels-release.js

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 6 KB
3 KB 232ms
231ms Script
application/javascript 18.169.62.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/destinations.min.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.62.151 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-62-151.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

5270503a5fd33905b768b697c48b660716cf6564fb582c20888099da842442a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
vary: Accept-Encoding

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/ 168 KB
45 KB 178ms
177ms Script
application/javascript 18.169.62.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_eb94a3b23abc2d3ed2b6bf58e9046752/tracking.min.js

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v1/pk_eb94a3b23abc2d3ed2b6bf58e9046752/clearbit.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.62.151 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-62-151.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

208803e57a6a6d06cb7ff1e8a775caef1e02fa80d3d84587088ea04a79e7a8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
vary: Accept-Encoding

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 502ms
485ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3455675&conversations-embed=static-1.10231&mobile=false&messagesUtk=0b86c236edd34f268ebfe8b3df3d9aa3&traceId=0b86c236edd34f268ebfe8b3df3d9aa3

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d973e12aeef335cf1a4f3c358be4419f2747a3e96de61b27ede84aca7884f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 11587e93-c754-4cb8-91d9-a14b726c9bad
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1512
server: cloudflare
x-trace: 2B123C6D1A88368469DAD904300E2DC4CF5104A954000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIDVW%2FVEbsd%2BmqyBV7TjeLmD3eU2WeS%2FyEU7bZ45f2GizjXxZhHskTeVbC%2FEUJONeq8O%2B%2FSH2gR33iX1TYQEWFZ0W0xZjBCIRA1qYUE%2FAhcfjPnR4Dh2jaYsPCBS4NYfMkwPAbXiDIx8vVItPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 72017bb0e83a9b7d-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 167ms
125ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://awakesecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://awakesecurity.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72017baffea59975-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 24 Jun 2022 00:52:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1xwEY9UEMCtw8Di2ydd6i7u99NDCsbDGeH4i%2BnKa6EoGi5mEHY2Ny0ckWJnvwwvVemtvtEgiZL7rjmDHzXKoeyLw1ywaJdKyYGWWQtuL5US3LTrCcOlsENN%2F2qZXihkXGL1UqyAROFdGmiHmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 49655211-43d5-49ed-af63-862b677c57df
x-trace: 2BC7BA355D5E46CFA1F318AEDDE6550D23A9A55873000000000000000000

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=587644529&t=event&ni=1&_s=2&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHBAAEADQAAAAC~&jid=&gjid=&cid=108738202.1656031971&tid=UA-106883604-1&_gid=497360515.1656031971&gtm=2wg6m05XLMPQR&cd1=company&cd2=Posteo&cd3=posteo.de&cd13=apache%2Capache_http_server&cd4=Internet%20Software%20%26%20Services&cd5=Internet%20Software%20%26%20Services&cd12=73&cd11=DE&cd9=Berlin&cd7=%240-%241M&cd6=1-10&cd8=39768&z=163149895

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 16:17:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30947
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 13A3 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://awakesecurity.com
Referer: https://awakesecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://awakesecurity.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 00:52:51 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 36ms
36ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=587644529&t=event&ni=1&_s=1&dl=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&ul=en-us&de=UTF-8&dt=Catching%20the%20White%20Stork%20in%20Flight%20with%20Multiple%20Techniques%20and%20Tools.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clearbit&ea=Enriched&el=Clearbit%20Enriched&_u=aHDAAEADQAAAAC~&jid=1015831086&gjid=246426115&cid=108738202.1656031971&tid=UA-106883604-1&_gid=497360515.1656031971&_r=1&_slc=1&cd2=Posteo&cd3=posteo.de&cd13=apache%2Capache_http_server&cd4=Internet%20Software%20%26%20Services&cd5=Internet%20Software%20%26%20Services&cd11=DE&cd9=Berlin&cd6=1-10&cd8=39768&cd15=company&cd10=Berlin&z=1417470577

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106883604-1&cid=108738202.1656031971&jid=1015831086&gjid=246426115&_gid=497360515.1656031971&_u=aHDAAEADQAAAAC~&z=738419004

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 00:52:52 GMT
content-type: text/plain
access-control-allow-origin: https://awakesecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 230ms
173ms XHR
application/json 18.169.82.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.82.163 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-82-163.eu-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://awakesecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
content-encoding: gzip
vary: Accept-Encoding
server: envoy
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://api.segment.io https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb; worker-src 'none';
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://awakesecurity.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: Authorization, API-Version, Content-Type
x-content-type-options: nosniff

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 123ms
48ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=108738202.1656031971&jid=1015831086&_u=aHDAAEADQAAAAC~&z=532359546

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 131ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-106883604-1&cid=108738202.1656031971&jid=1015831086&_u=aHDAAEADQAAAAC~&z=532359546

Requested by

Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 00:52:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 29ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: awakesecurity.com
URL: https://awakesecurity.com/blog/catching-the-white-stork-in-flight/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: DQXVECYYH26T8XA2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: eALUuukJzB4ucStWKbHKE0iJ4pHw1jEWf2JkWgG6tOJtELdAqipD0ZP+vGohR4HC654nDcLzXqg=
x-served-by: cache-hhn4081-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1656031972.308106,VS0,VE0
date: Fri, 24 Jun 2022 00:52:52 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3436

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 65 B
914 B 171ms
130ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3455675

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d14562bdd7ab76c74ed43f655a6513f731cef5abea78fb3fe901fee4447dc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f3974b46-64fb-4e7a-922f-4b2581f6ba48
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BB18E14FE87EC34BE2D1DFAB76E9FE6A40338910C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8RDSe8JUBaDY056LSA2TGiENhm99HSRu47odlYoT7G3dD%2Bv6jZhMWL8aHW6KKnEQs9o1hUqCa%2FWYr4FkuUsIrZDpzpamfZQi1jgX2ytJkaBUDTP3vGhoH9SqyFdxRHQJKP%2FXv67hu29wVo%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://awakesecurity.com
access-control-allow-credentials: false
cf-ray: 72017bb30b855c7a-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
955 B 164ms
132ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=552bf00a-3b99-46d5-ab7b-f3e36e880305&fci=ac6698be-832a-4a33-a9b1-7fcf83fed3b8&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3455675&rcu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&pu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&t=Catching+the+White+Stork+in+Flight+with+Multiple+Techniques+and+Tools.&cts=1656031972293&vi=217a807708ffaba2026b5bbf263230f2&nc=true&u=52274294.217a807708ffaba2026b5bbf263230f2.1656031972287.1656031972287.1656031972287.1&b=52274294.1.1656031972287&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2a31e1a0-128e-4f93-9a1f-aad6792aefe3
cf-ray: 72017bb3181e695d-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcHgrcNvXyK0jeyLw9%2BH9MHrx2HdjUzmPwosqcExDGK4VRk0at7%2BWo8cVGB5p177m9qT3cG11teNIujMNbjL29JxzitosuBWRR5fLK3pchhoxhQF299wTNylK4esBAfbOqjWuAS5KsBosOqAFyWP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
563 B 175ms
144ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=3455675&rcu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&pu=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&t=Catching+the+White+Stork+in+Flight+with+Multiple+Techniques+and+Tools.&cts=1656031972294&vi=217a807708ffaba2026b5bbf263230f2&nc=true&u=52274294.217a807708ffaba2026b5bbf263230f2.1656031972287.1656031972287.1656031972287.1&b=52274294.1.1656031972287&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 32d31fd4-774f-4dee-9214-879fcb04870f
cf-ray: 72017bb3181f695d-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETSSKEtZUsA9h%2FVUM93S1Pqbp5xh9vmI5l9WrU8p3VdORdKpE1s9ET06ZjDxASEEY2vjpwfOIMRX8tjF%2Fju%2BvlfxUcS0RkfzCh%2FZIQ95uFKDhphXz%2Fjm5xZnwyEuYZkSNJCY5GQXx1JjIG9R%2FEeG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H/1.1 200
OK NRJS-64a4f7ef2e21bc2285c Show response
bam.nr-data.net/1/ 49 B
721 B 584ms
545ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-64a4f7ef2e21bc2285c?a=406231165&v=1216.487a282&to=MVUBZRFTXxVSV00PWggfIlIXW14IHERWFUE%3D&rst=2668&ck=1&ref=https://awakesecurity.com/blog/catching-the-white-stork-in-flight/&ap=327&be=734&fe=2630&dc=1448&perf=%7B%22timing%22:%7B%22of%22:1656031969651,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:140,%22c%22:140,%22s%22:153,%22ce%22:174,%22rq%22:174,%22rp%22:710,%22rpe%22:712,%22dl%22:713,%22di%22:1447,%22ds%22:1447,%22de%22:1450,%22dc%22:2630,%22l%22:2630,%22le%22:2646%7D,%22navigation%22:%7B%7D%7D&fp=891&fcp=891&at=HRICE1lJTBs%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 00:52:52 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 72017bb349ee997b-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://awakesecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 00:52:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=36572
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 0b86c236edd34f268ebfe8b3df3d9aa3 Show response
app.hubspot.com/conversations-visitor/3455675/threads/utk/ Frame EFC1 48 KB
18 KB 203ms
202ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/3455675/threads/utk/0b86c236edd34f268ebfe8b3df3d9aa3?uuid=c6671d2256854832976fa966ef9ab3fc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=awakesecurity.com&inApp53=false&messagesUtk=0b86c236edd34f268ebfe8b3df3d9aa3&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5231f1e0b0def788f7f6e7520f05c30603ebe4566b5d37e4d8d1b29dba37c971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://awakesecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 1287
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 72017bb3f8ae695d-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.12684/html/index.html&cfRay=72017bb3f8ae695d&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F3455675%2Fthreads%2Futk%2F0b86c236edd34f268ebfe8b3df3d9aa3%3Fuuid%3Dc6671d2256854832976fa966ef9ab3fc%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dawakesecurity.com%26inApp53%3Dfalse%26messagesUtk%3D0b86c236edd34f268ebfe8b3df3d9aa3%26url%3Dhttps%253A%252F%252Fawakesecurity.com%252Fblog%252Fcatching-the-white-stork-in-flight%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fawakesecurity.com%2F&cfenv=prod&pdt=2022-06-24&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 00:52:52 GMT
etag: W/"fa89812b4fd8ee9b1d31e95dc7ddb97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 13 Jun 2022 04:26:28 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=72017bb3f8ae695d&resource=conversations-visitor-ui/static-1.12684/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
x-amz-cf-id: QHSNIo05MyerMFsbjrGsjLjPbk5i0c7bHBZaea7_nbwQ2PUVfs3P0Q==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: SpHhJJTjuGegOCI.nTrtfgd.iKd5rB_V
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.12684/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.213/ Frame EFC1 44 KB
16 KB 64ms
26ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.213/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/3455675/threads/utk/0b86c236edd34f268ebfe8b3df3d9aa3?uuid=c6671d2256854832976fa966ef9ab3fc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=awakesecurity.com&inApp53=false&messagesUtk=0b86c236edd34f268ebfe8b3df3d9aa3&url=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e83360c1899059ca090a581bff375f4061dbfb87373cb97cfcd7f9171a480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 794278
x-amz-server-side-encryption: AES256
cf-ray: 72017bb58ae0bb44-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 14:06:27 GMT
server: cloudflare
etag: W/"be8e05e1f26cd3b649ade425f7b669e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNMxq0vcs3bO35uyVdAeJY9FxcrRJLsvu0e9mIDzTY27a9yYF%2BVbnI1h67cMyN%2BPlYc2nSDAB238Rdqseisz9LVf3%2FI9rQZHsJ887lmn15Uk2PsDVEu4yEX7VNZ9Bolsx2gt9r67%2BuXrvM1EVDdjatzCyfA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: oRECgMYrXUZy0onk7voirehZ8Cymfuh0
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: TG-AhUWx8OJS63hB0d5zRf_-xnY-eZef8ZJN4x8xnZu6MSWYs9VQ7A==
expires: Sat, 24 Jun 2023 00:52:52 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame EFC1 20 KB
5 KB 39ms
14ms Stylesheet
text/css 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 838661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzYvqJrNfCwiQOJSxEKMiJpG6chXNVq94sqaNM1pw3DiZSaDJlHXfHov%2BMSySR6p2oqZQTyvBoB%2B%2F9On09oi%2BcXFbEUJu36IuQtF9rXDaA82b%2Fjz43SwLbAHR4ZMolA9bNmiV5gNO%2Fxhf1RgsK%2BtF4mlEIQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
cf-ray: 72017bb57f9c994b-FRA
x-amz-cf-id: 23c1eNiCqFv3-L7b7GcD5q0QudwUFfEGt_BsOirNla5ADUFWqNjTzQ==
expires: Sat, 24 Jun 2023 00:52:52 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.273/ Frame EFC1 289 KB
92 KB 64ms
27ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.273/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1175534
x-amz-server-side-encryption: AES256
cf-ray: 72017bb58ae3bb44-FRA
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 20:12:51 GMT
server: cloudflare
etag: W/"7f1f4cf071fe807a6e3cb1c0e9606132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob%2FcwRyBzh4l7mgi5suBwlyk5n486a543neHwwQzlQWkWo%2FfBJts6ll1cz3ehTOd%2FvSY1zp%2Bc7I5vcbtHixPMhQVtX3mefEMDQV4A8mL26QMBILBSbPXmK3iCl6E99lgcNacGCFJL0Zix8807hxoY3Qj82s%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KzPlPnaGfC2KvqH_C2ydD6oOPrLTHXIr
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: toLgeHyq_fex7t19EEi7RilBQbJUn0E6HhBLh3uUPt9JaWaZ1iVJ-w==
expires: Sat, 24 Jun 2023 00:52:52 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/ Frame EFC1 507 KB
148 KB 71ms
34ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468c531a6386668a02a51387ee143d27f8879ffebf83d4be7ce79d8598ed6676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 245211
x-amz-server-side-encryption: AES256
cf-ray: 72017bb58ae1bb44-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 16:08:50 GMT
server: cloudflare
etag: W/"d78a4eb01642e4612e9d63542a5ff315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEUPG5FjDfK5jabnX1dWQT7KotDUNXjcaR2TSDEiXfPqLkRm04z3X9OaieJ%2FJ7ZwSbiZAHhyBvoZ5v0aewsOHPk5%2FVxGzBsJFXH1CjhaTdFwwEhMradqfbmewgfrwCdJX4zqleNBWahZrfcgCKut3k1oIQQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: N0iLyaVSscG41DSlv6arCTHdVHqRVecf
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: rBKjsvPIBD6GDHdSzoHpeNZs8RL2Gcelqbk-K5s5Ij4FigrL1xvGhw==
expires: Sat, 24 Jun 2023 00:52:52 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12542/ Frame EFC1 776 B
1 KB 39ms
23ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12542/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1365d4bdc14090157c99cf8491ca4391c87425182f746b89ff13276985ea1399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:52 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 636011
x-amz-server-side-encryption: AES256
cf-ray: 72017bb658675cb0-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 09:08:39 GMT
server: cloudflare
etag: W/"656b59b2f477f1ad6d02dcf138603986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTVwTR%2FeyAbOmoWBNoJsrxIz%2BQFfxKbaWaJGiL3g%2Bwp2kNIvs2DMrCZDmxbagbo1yAwfqXDUIe7VL%2B3ervcFor7Lj3cHZRhLxZreGEnUJMP5BfQwB%2FS61x0lMuC5%2B%2FCbWdrVBR8TE3LBh4p0HpwbASuuvZc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: fUHN74ynTDIdw0gGW.WlWNPVJIqAdzYS
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: 9cwf1zfyGRNCYEOAdJarmRfGqFWREOiO1gYnL9SAjuMh4lN1GHgqJg==
expires: Sat, 24 Jun 2023 00:52:52 GMT

POST
H3 204 rhumb
api.hubspot.com/cartographer/v1/ Frame EFC1 0
1 KB 132ms
122ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12684

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.12684/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Jun 2022 00:52:53 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 56a45102-9f4b-40e6-a6a0-2dd1b9ae3dae
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5kjoGWWlNwHLbn8cygB0sG2tbO5EEO6B%2FW%2FW2agIwux3Cx1V6s4LcVh5YykYJychUx%2B1yqpt2DUE%2FaFf1VfdxJXRk6c7bLz%2FnlKCQ%2F7sQL%2FGGDRXvaY9lTgcpCt7lR604FThH8M1ZA%2FA9tsGA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 72017bb6d99c5be5-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/1134071/ Frame EFC1 912 B
1 KB 139ms
134ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/1134071/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.12684&conversations-visitor-ui=static-1.12684&traceId=0b86c236edd34f268ebfe8b3df3d9aa3&sessionId=AMOaWbIyIHEXPD6ZipPJO3DfYgEYNuu4rysE09ekRI0OVwaz-OkmEvdhPCQHZo5VOuNqhDvFmVMLTfIca1dfD-xXH33ORf_Mwtwx54hv2RompSEPhJtx4ssWBSsUIgJdLJpKD0QhtE6FYRHsgcD8MaAOiXQVOtepOLHORuKZJUQCACUh6AdIxww

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.213/bundle.production.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9324c7271eb85262925eaece54f97b1ff4fc4e4378b681d9ff30f64991d49e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 00:52:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 23d11318-e9ce-4364-9170-a8398adf2a36
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2B77CE21D77EB1D8FAF1DAEAED5F7A262A56C67937000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZdXnhzKlNzRF9ucVbctKgJYHrlVlNrWNRW3U1snIX%2FDMiDm8GgUQcDxhJRyUQVTEIBjpAjhYE%2FkRoPNmNrI4q7J3TS4z0gDyqKLaeMmj6dZRk5s1Z%2F51kzf9%2BmtF%2Bo5bQpu0jddMz2RCR7qzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 72017bb6d99d5be5-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.blindspot.ai
URL: https://img.blindspot.ai/dot.png?gtmcb=1892037515

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.awakesecurity.com/	1970-01-20 12:46:07	Name: _biz_uid Value: f6f12ef1ab44446d9a070bce216fc91b
.awakesecurity.com/	1970-01-20 04:00:33	Name: _biz_sid Value: 1e3a48
.awakesecurity.com/	1970-01-20 12:46:07	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 12:46:07	Name: _BUID Value: f6f12ef1ab44446d9a070bce216fc91b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qZC0Ko_H0iI
.youtube.com/	1970-01-20 08:19:43	Name: VISITOR_INFO1_LIVE Value: h_XZQDonX3s
.bizibly.com/	1970-01-20 12:46:07	Name: _BUID Value: 2b84fa15bc2ec8d0c4f3bd0bf6336977
.awakesecurity.com/	1970-01-20 12:46:07	Name: _biz_pendingA Value: %5B%5D
.awakesecurity.com/	1970-01-20 06:10:07	Name: _gcl_au Value: 1.1.1028620379.1656031971
.awakesecurity.com/	1970-01-20 12:46:07	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.awakesecurity.com/	1970-01-20 12:46:07	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Jun+24+2022+00%3A52%3A51+GMT%2B0000+(GMT)&version=6.24.0&isIABGlobal=false&consentId=069932df-7b5f-433c-86b7-c2bfc4432814&interactionCount=0&landingPath=https%3A%2F%2Fawakesecurity.com%2Fblog%2Fcatching-the-white-stork-in-flight%2F&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0&hosts=H31%3A0%2CH30%3A0%2CH40%3A0%2CH26%3A0%2CH1%3A0%2CH27%3A0%2CH28%3A0%2CH29%3A0%2CH15%3A0%2CH32%3A0%2CH6%3A0%2CH18%3A0%2CH33%3A0%2CH10%3A0%2CH34%3A0%2CH35%3A0%2CH12%3A0
awakesecurity.com/	1970-01-20 12:46:07	Name: optiMonkClientId Value: d9510cea-b220-2fe8-07eb-48c198f58e15
.awakesecurity.com/	1970-01-20 21:31:43	Name: _ga Value: GA1.2.108738202.1656031971
.awakesecurity.com/	1970-01-20 04:01:58	Name: _gid Value: GA1.2.497360515.1656031971
.awakesecurity.com/	1970-01-20 04:00:32	Name: _gat_cb252020 Value: 1
.awakesecurity.com/	1970-01-20 06:10:07	Name: _fbp Value: fb.1.1656031971441.1856311682
.linkedin.com/	1970-01-20 04:43:43	Name: UserMatchHistory Value: AQL9VH3kmpm_wQAAAYGTMohn3anezQwipAm7BTiqwlGE-Yxc37OSP6Mq3ihvkzEXJVHEquwlK_5CLQ
.linkedin.com/	1970-01-20 04:43:43	Name: AnalyticsSyncHistory Value: AQLu9C-6Y_VQVAAAAYGTMohnXUL3NOwOLvAXBoceTxDYTcIxMtJxLU1oXXJNEqCIQV2XHashVFv81gI7I9BQNA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:32:25	Name: bcookie Value: "v=2&83c073a1-4c61-4b16-8dce-76f8c6a9aef3"
.linkedin.com/	1970-01-20 04:01:58	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1656031971:t=1656118371:v=2:sig=AQFPNVnUJIgx7akcd9f20mptkiyHPGoH"
.doubleclick.net/	1970-01-20 04:00:32	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-20 21:31:43	Name: muc_ads Value: 787d27ac-07e2-4569-859e-7f8ba798c28b
.twitter.com/	1970-01-20 21:31:43	Name: personalization_id Value: "v1_j6J5JR6eCaoXlomjM8HMtA=="
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:32:25	Name: bscookie Value: "v=1&202206240052518a168cb5-c501-474e-8970-136e856d7a64AQGWi19xe9WMZQUM1xS8dNtTqxcNnwxP"
.linkedin.com/	1970-01-20 21:30:29	Name: li_gc Value: MTswOzE2NTYwMzE5NzE7MjswMjF7B9UdFvo1vFIuLhohVgbV7gI55Hin2tsQE3JpBW3x8A==
.awakesecurity.com/	1970-01-20 04:00:32	Name: _gat_awake_security___all_website_data_Clearbit Value: 1
.awakesecurity.com/	1970-01-20 12:46:07	Name: cb_user_id Value: null
.awakesecurity.com/	1970-01-20 12:46:07	Name: cb_group_id Value: null
.awakesecurity.com/	1970-01-20 12:46:07	Name: cb_anonymous_id Value: %22cdd08deb-3ccf-4817-be17-b7b464a43872%22
.awakesecurity.com/	1970-01-20 08:19:43	Name: __hstc Value: 52274294.217a807708ffaba2026b5bbf263230f2.1656031972287.1656031972287.1656031972287.1
.awakesecurity.com/	1970-01-20 08:19:43	Name: hubspotutk Value: 217a807708ffaba2026b5bbf263230f2
.awakesecurity.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.awakesecurity.com/	1970-01-20 04:00:33	Name: __hssc Value: 52274294.1.1656031972287
.hubspot.com/	1970-01-20 04:00:33	Name: __cf_bm Value: nmnI0YpE_95GR.SKLv_..Ew_WOKUrIm2q_Q9Lz5TL4I-1656031972-0-AVSk6VkoqfBgdCE5FIRJ25JvliHLKSrwtBLpb4a9rFDq8/p0/zAYROTPkRC3g19D7jNNwPMsXrg/LHUPYXrByAU=
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7c8c3cb9ec50cec8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.blindspot.ai/dot.png?gtmcb=1892037515 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.hubapi.com
api.hubspot.com
app.clearbit.com
app.hubspot.com
awakesecurity.com
bam.nr-data.net
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
front.optimonk.com
ga.clearbit.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
hubspot.clearbit.com
img.blindspot.ai
jfapiprod.optimonk.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
static.hsappstatic.net
stats.g.doubleclick.net
t.co
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.youtube.com
x.clearbitjs.com
img.blindspot.ai
104.244.42.131
104.244.42.69
104.26.15.86
13.107.42.14
138.199.37.226
142.250.185.98
151.101.66.137
152.195.15.58
157.245.25.14
162.247.241.14
18.169.62.151
18.169.82.163
199.232.188.157
2001:4860:4802:36::178
2606:4700:10::6814:b944
2606:4700:4400::6812:21ab
2606:4700::6810:5805
2606:4700::6810:9440
2606:4700::6811:43b0
2606:4700::6811:70b0
2606:4700::6811:7d2
2606:4700::6811:b649
2606:4700::6811:c9cc
2606:4700::6811:d5cc
2606:4700::6811:efcc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c06::9a
2a02:26f0:ef::5c7b:c24a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.117.177.207
014dd9e48cc1bfdd8e7567da834676644343f66505e38f8647f1d8bd866fece2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0db688117e0d7cfc231d48c350f2617d8d03467de91ac533d176bec3b5fbac1a
0e809ee0a59017ff9205bb5c568c8f30a4aa01b4756eb68fbbe4812d9c700134
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11550138417998decd4f6e7f7c80ab94e1e11341e98ef4a69826565a19786b7f
1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30
1365d4bdc14090157c99cf8491ca4391c87425182f746b89ff13276985ea1399
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1547a5df4d7720dfbf9fceaac844032e843742b2a471435775e0739409361736
17a4a28b3f106f2566d17c04eef8d69afbcf8d966124a01b2e2915b7bcdc609b
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1ad7be1450b1857107cbdaf03fd3e1c23c864d10c3c5c842454fdefc6f2ee58c
208803e57a6a6d06cb7ff1e8a775caef1e02fa80d3d84587088ea04a79e7a8ea
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
32aa45ae6d18a04cf5985a3ff0149460e7c7145fef07dd2df08cf9c6c29336c0
32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26
33de01f1dce7eee5b5ea44986000f20ac585c04d34a29cd2b7f4791021455fd6
34cdaf5ee94e8484cb6ecfd7cdfba2d0078977550770df9dd08d4622507eb69c
39a56ba98bb3f08df687cd1282b384955912a2ab885d2d8c62cb28bb03fdb794
3bcef1961edf3ebfbecb3d54f2dc2ccb3dd0d8539ab61d714244733a22a6dc4c
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
468c531a6386668a02a51387ee143d27f8879ffebf83d4be7ce79d8598ed6676
47ea5256bfc4bb763ac4c6ee485c593f5647d6518a2bd77310d0290b09ff5155
4f9667f65fc5b852ce86f4f3b6df2b7775925fa0b582ce45ec6a181a9cd19c59
519e0c50f2b1b22277fd03b87848839335c8b4b3537f60c0e5ca477f39a1912b
5231f1e0b0def788f7f6e7520f05c30603ebe4566b5d37e4d8d1b29dba37c971
5270503a5fd33905b768b697c48b660716cf6564fb582c20888099da842442a6
59724cd88aeb9ed1579086352c4eefc048cdc7207c3dbf8c450ac1030cc57d3b
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5a66b75a0605cde41e287281ecb1232c00ebb98371a0c52b6067d2a5d1fbef48
5e232623c90033b45c4ca98c53ff6b4b5b6c54b1c2da2f05a3a1a7e68e2ca8f5
63c25a34debe806536107459576591bbecd97abe950d97ea98eb7da8124fefb0
65dad26d197878fdddaaa0ab1990b6a0bc7f6853c6db2af3e1970ba6c2f5b2a8
67bde44785ec5cd4a52b80ea9f11e1e0c3ba5341f57000e55e1003705f231cd2
67e83360c1899059ca090a581bff375f4061dbfb87373cb97cfcd7f9171a480e
6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7706f4a08bc313a7add61864f0067b5126f836fd76dd2586f39f19bc8f278a8b
827ad877bc995d3249dc37ce07b933b5783ee4a2cabf7ca9d6636b6e759ec50b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f0b9ca412b1b2c5ce84007871323a0d6f3e532e7b8a726026b458a1656c1df
87b97e918443f00f535336cbe78108c1be5b459bca4551e70b8d4a6653c1a817
8a5caa879ade5381c20eb49f351525d8408d906030e689fe76fdbfad93faa071
8d14562bdd7ab76c74ed43f655a6513f731cef5abea78fb3fe901fee4447dc5e
90469a738b4941f67801263e205d61d2ee8edb6c5eea447cf31220a98277c83a
9324c7271eb85262925eaece54f97b1ff4fc4e4378b681d9ff30f64991d49e39
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0d973e12aeef335cf1a4f3c358be4419f2747a3e96de61b27ede84aca7884f9
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d088bee0f421a9d84586b4e47c7b43b179d44377f656af2e6e4021d7baceb726
d4011e6e37410bd18734c9f0ee78a4c463d866595008d68408cd8eab607d74c2
d435074da875ff2017a093ab23d347cc660690697ff068f9eaadec22eae8a0dd
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
dabe26818e76d60561bf599c30593ebec66e9fd0297faf4dddb13cd3d4c2faba
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1542137a20a23276ec5664c54bb99113c42280bf1f699d035e6d12f2381c156
e25a07abea29fb732abbcadbc34d98aff95a4629359c7201e5fe265a41f8a419
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ef000116a095a861514ad5de78a59ffd3fea4733bee92e71aacfbb36577001de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c38539a76677751814ea74a03af1fabe27ad006daefe70b50f3d3ea23397ec
f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69
f7d6781923c1121af3b28d0a2d3c9749620616109cc7a1093901ca62dbf6ee53
f92c14a096fcafd269c97b69a1288b2719a6c2df4256f9da1f09c51edaf488e9
faca2a40969659b6bd6588bf951d7a1e95b60130c3b3906bf64f9c3f23d1267f
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fe0c55f3605f88a12da5eeed64499b5ad2c5f7bd544e548a5bfda0ffe6487fe0
fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596

awakesecurity.com Open in urlscan Pro 104.26.15.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

97 %HTTPS

65 %IPv6

37 Domains

46 Subdomains

40 IPs

4 Countries

1690 kBTransfer

4649 kBSize

37 Cookies

14 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

awakesecurity.com Open in urlscan Pro
104.26.15.86 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

97 %
HTTPS

65 %
IPv6

37
Domains

46
Subdomains

40
IPs

4
Countries

1690 kB
Transfer

4649 kB
Size

37
Cookies

100 HTTP transactions
1 data transactions